US Sanctions Russian National Over Ransomware Attacks

Matveev, aliases "Wazawaka" and “Boriselcin”, faces criminal charges in New Jersey and Washington, D.C. for developing and deploying ransomware variants, including LockBit, Babuk, and Hive. U.S. authorities have added him to the Treasury Department's Specially Designated Nationals list, attributing him to cyberattacks on American law enforcement, businesses, and critical infrastructure.

The State Department posted a reward of up to $10 million, the standard amount for major cybercrime suspects, for information that leads to the capture or conviction of Matveev, stating, "Matveev has been vocal about his illegal activities." Matveev has disclosed his cybercrimes in media interviews, sharing exploit code with online criminals, and asserted that local authorities would tolerate his illicit actions as long as he remains loyal to Russia.

According to the U.S. Justice Department, Matveev, who purportedly joined the Babuk ransomware gang in early 2020, asserted responsibility for a 2021 ransomware attack targeting the Metropolitan Police Department in Washington, D.C. The cyberattack involved the infiltration of the police department's systems by the Babuk gang, resulting in the theft of personal information belonging to police officers, along with sensitive data related to gangs, crime suspects, and witnesses.

As reported by TechCrunch, Matveev and his accomplices also targeted a law enforcement agency in New Jersey's Passaic County in June 2020 using LockBit ransomware. In addition, they deployed Hive ransomware against a nonprofit behavioral healthcare organization located in nearby Mercer County in May 2020. These three ransomware gangs have reportedly victimized numerous individuals in the United States.

The LockBit gang alone has conducted over 1,400 attacks, demanding more than $100 million in ransoms and receiving over $75 million in payments. Babuk, responsible for over 65 attacks, has received $13 million in ransom payments, while Hive has targeted over 1,500 victims worldwide, amassing as much as $120 million in ransom payments.

Matveev is also suspected of having connections with the Russia-backed Conti ransomware gang. Furthermore, the Russian national is believed to have taken credit for the ransomware attack on the government of Costa Rica, in which the Conti hackers demanded a $20 million ransom and called for the overthrow of the Costa Rican government.

Matthew Graves, U.S. attorney for D.C., along with James Dennehy, FBI Newark special agent in charge, stated in a joint statement, "Data theft and extortion attempts by ransomware groups are corrosive, cynical attacks on key institutions and the good people behind them as they go about their business and serve the public. Thanks to exceptional work by our partners here, we identified and charged this culprit."