UPDATED 19:44 EST / JUNE 15 2023

SECURITY

Russian man arrested for alleged involvement with LockBit ransomware gang

A Russian national has been arrested in Arizona on charges alleging that he was involved in multiple LockBit ransomware attacks against victims in the U.S., Asia, Europe and Africa.

The LockBit ransomware gang, which first emerged in 2020, operates on a ransomware-as-a-service model where affiliates use already developed ransomware to execute attacks. In its time, LockBit has regularly been one of the most prolific ransomware groups, named as the most active threat actor in January.

The Russian national, Ruslan Magomedovich Astamirov, is alleged by the Department of Justice to have been involved in five separate ransomware attacks between August 2022 and March 2023, including four done as an affiliate of LockBit.

As part of his LockBit-related activities, Astamirov is alleged to have owned, controlled and used a variety of email addresses, Internet Protocol addresses and other online provider accounts that allowed him and his co-conspirators to deploy LockBit ransomware and to communicate with their victims. Suggesting how they eventually found him, law enforcement was able to trace a portion of a victim’s ransom payment in one of the LockBit attacks to a cryptocurrency address under Astamirov’s control.

“This LockBit-related arrest, the second in six months, underscores the Justice Department’s unwavering commitment to hold ransomware actors accountable,” Deputy Attorney General Lisa O. Monaco said in a statement. “In securing the arrest of a second Russian national affiliated with the LockBit ransomware, the department has once again demonstrated the long arm of the law. We will continue to use every tool at our disposal to disrupt cybercrime and while cybercriminals may continue to run, they ultimately cannot hide.”

The previous arrest occurred in Ontario, Canada, in November and involved dual Russian and Canadian national Mikhail Vasiliev. Similar to the allegations against Astamirov, Vasiliev was also accused of participating in LockBit campaigns, intentionally damaging protected computers and transmitting ransom demands.

Astamirov has been charged with conspiring to commit wire fraud and conspiring to damage protected computers and transmitting ransom demands intentionally. If convicted, he faces a maximum penalty of 20 years in prison on the first charge and a maximum penalty of five years in prison on the second charge.

Image: Bing Image Creator

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU