Russian Hacker Charged in $200M Crypto Ransomware Scheme Against US Infrastructure
The United States Department of Justice has charged a Russian national in two indictments. The individual executed attacks against U.S. infrastructure.
The United States Department of Justice (DOJ) has charged a Russian national over a crypto-ransomware scheme targeting United States infrastructure. In a press release issued on May 16, the Justice Department said it had unsealed two indictments against the individual.
Crypto Ransomware Attacker Charged
The attack was carried out against “numerous victims throughout the United States,” including “law enforcement agencies in Washington, D.C. and New Jersey, as well as victims in healthcare and other sectors nationwide.”
Crypto ransomware attacker Mikhail Pavlovich Matveev’s wanted poster. Source: KrebsOnSecurity
The perpetrator was Mikhail Pavlovich Matveev, who also went by the monikers Wazawaka, m1x, Boriselcin, and Uhodiransomwar. The attack goes as far back as 2020, with the ransomware being variants of LockBit, Babuk, and Hive. Reportedly, Matveev made demands of as much as $400 million, and he stole $200 million.
Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division said of Matveev,
“From his home base in Russia, Matveev allegedly used multiple ransomware variants to attack critical infrastructure around the world, including hospitals, government agencies, and victims in other sectors. These international crimes demand a coordinated response. We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem.”
Who Is Wazawaka?
Matveev is a controversial figure in the cybercrime world. In 2022, the media reported that he had gone rogue, posting exploit code and taunting researchers and journalists. Soon, publishers started to release selfies and videos associated with Matveev.
He frequently posted information about the attacks, and his methods seem to run directly counter to the care with which ransomware groups were operating following increased scrutiny. His cavalier attitude seems to have caught up with him, given the recent action that law enforcement has taken against him.
Russian Hackers Still Active in the Crypto World
Russian entities have frequently been involved in attacks using cryptocurrencies. A Russian national pleaded not guilty to laundering ransom payments from attacks on U.S. infrastructure in 2022. Those outside the jurisdiction have targeted a Ukrainian gas firm.
Not all have explicitly negative motives. One “Robin Hood” attacker stole funds from Russian law enforcement, which they donated to Ukraine. The individual remains anonymous but is making the rounds in the crypto world for his actions.