The FBI has caught another LockBit hacker, the Justice Department has announced

    The Justice Department has arrested and charged a Russian national for his alleged role in multiple LockBit ransomware attacks against victims in the US and around the world.

    According to a criminal complaint Ruslan Magomedovich Astamirov, 20, who was unsealed on Thursday, is accused of carrying out five cyberattacks between August 2020 and March 2023, four of which involved the infamous LockBit ransomware.

    “Astamirov allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit telephony fraud and deliberately damage protected computers and demand ransom through the use and deployment of ransomware,” the Justice Department said.

    Astamirov, a national of the Russian-controlled Chechen Republic, allegedly carried out attacks against two US-based organizations, along with organizations headquartered in Japan, France and Kenya. According to the complaint, at least one of the victims paid $700,000. Another victim refused to pay and Astamirov allegedly uploaded the company’s data to LockBit’s public server.

    LockBit first emerged as a ransomware-as-a-service (RaaS) operation in late 2019 and has since been used in approximately 1,800 ransomware attacks against victim systems in the United States and worldwide. In an advisory published this week, US cybersecurity officials said known LockBit attacks accounted for 16% of attacks against public entities, including schools, local governments and law enforcement, by 2022.

    As of January 2020, the LockBit group has been linked to about $91 million in ransoms paid in the US, the advisory said.

    Astamirov, who was tracked down and arrested in the US after law enforcement traced part of a victim’s ransom money to a cryptocurrency address controlled by Astamirov, has been charged with conspiracy to send ransom demands, commit wire fraud, and intentionally secure computers to damage . If found guilty, he could face up to 20 years in prison for the wire fraud charge and up to five years in prison for the charge related to damaging secure computers.

    Astamirov is the third LockBit affiliate the US Justice Department has sued in the past seven months. In November, officials charged 33-year-old Mikhail Vasiliev — described as “one of the world’s most prolific ransomware operators” — for his alleged involvement in the LockBit ransomware gang. Vasiliev is now detained in Canada and awaits extradition to the United States.

    In May, the US government also sued American Mikhail Matveev, known online as “Wazawaka” and “Boriselcin”, for allegedly acting as a “central figure” in developing and deploying the Hive, LockBit, and Babuk ransomware variants.

    Since emerging in 2019, LockBit has claimed multiple high-profile victims worldwide in recent months, including British postal giant Royal Mail, the government of Costa Rica and financial software company Ion Group. This week, LockBit also claimed responsibility for a cyber-attack on Indian pharmaceutical giant Granules India and published parts of the data it allegedly stole.

    Recent Articles

    Related Stories

    Stay on op - Ge the daily news in your inbox

    [tdn_block_newsletter_subscribe input_placeholder=”Email address” btn_text=”Subscribe” tds_newsletter2-image=”730″ tds_newsletter2-image_bg_color=”#c3ecff” tds_newsletter3-input_bar_display=”” tds_newsletter4-image=”731″ tds_newsletter4-image_bg_color=”#fffbcf” tds_newsletter4-btn_bg_color=”#f3b700″ tds_newsletter4-check_accent=”#f3b700″ tds_newsletter5-tdicon=”tdc-font-fa tdc-font-fa-envelope-o” tds_newsletter5-btn_bg_color=”#000000″ tds_newsletter5-btn_bg_color_hover=”#4db2ec” tds_newsletter5-check_accent=”#000000″ tds_newsletter6-input_bar_display=”row” tds_newsletter6-btn_bg_color=”#da1414″ tds_newsletter6-check_accent=”#da1414″ tds_newsletter7-image=”732″ tds_newsletter7-btn_bg_color=”#1c69ad” tds_newsletter7-check_accent=”#1c69ad” tds_newsletter7-f_title_font_size=”20″ tds_newsletter7-f_title_font_line_height=”28px” tds_newsletter8-input_bar_display=”row” tds_newsletter8-btn_bg_color=”#00649e” tds_newsletter8-btn_bg_color_hover=”#21709e” tds_newsletter8-check_accent=”#00649e” embedded_form_code=”YWN0aW9uJTNEJTIybGlzdC1tYW5hZ2UuY29tJTJGc3Vic2NyaWJlJTIy” tds_newsletter=”tds_newsletter1″ tds_newsletter3-all_border_width=”2″ tds_newsletter3-all_border_color=”#e6e6e6″ tdc_css=”eyJhbGwiOnsibWFyZ2luLWJvdHRvbSI6IjAiLCJib3JkZXItY29sb3IiOiIjZTZlNmU2IiwiZGlzcGxheSI6IiJ9fQ==” tds_newsletter1-btn_bg_color=”#0d42a2″ tds_newsletter1-f_btn_font_family=”406″ tds_newsletter1-f_btn_font_transform=”uppercase” tds_newsletter1-f_btn_font_weight=”800″ tds_newsletter1-f_btn_font_spacing=”1″ tds_newsletter1-f_input_font_line_height=”eyJhbGwiOiIzIiwicG9ydHJhaXQiOiIyLjYiLCJsYW5kc2NhcGUiOiIyLjgifQ==” tds_newsletter1-f_input_font_family=”406″ tds_newsletter1-f_input_font_size=”eyJhbGwiOiIxMyIsImxhbmRzY2FwZSI6IjEyIiwicG9ydHJhaXQiOiIxMSIsInBob25lIjoiMTMifQ==” tds_newsletter1-input_bg_color=”#fcfcfc” tds_newsletter1-input_border_size=”0″ tds_newsletter1-f_btn_font_size=”eyJsYW5kc2NhcGUiOiIxMiIsInBvcnRyYWl0IjoiMTEiLCJhbGwiOiIxMyJ9″ content_align_horizontal=”content-horiz-center”]