Two Russian residents have pleaded guilty to their involvement in ransomware attacks within the United States, Asia, Europe and Africa by a notorious hacker gang often called LockBit.
Ruslan Magomedovich Astamirov And Mikhail Vasilyev admitted to helping spread the ransomware variant that first appeared in 2020. It soon became one of the crucial destructive on the earth, targeting greater than 2,500 victims and leading to ransom payments of at the very least $500 million, based on the Justice Department.
The men pleaded guilty Thursday in federal court in Newark, New Jersey, where six people were charged with LockBit attacks, including Dimitri Yuryevich Khoroshevdescribed by the US because the founder, developer and administrator of the group. The US authorities have offered a reward of as much as 10 million dollars for his arrest.
Astamirov, 21, of the Chechen Republic, and Vasiliev, 34, of Bradford, Ontario, pleaded guilty to charges including conspiracy to commit computer fraud and abuse.
LockBit is the name of a ransomware variant, a sort of malicious code that locks computers before hackers demand a ransom to unlock them. Hacker gangs are sometimes known by the name of their ransomware variant. LockBit has successfully implemented a ransomware-as-a-service model wherein “affiliates” lease the malicious code and do the actual hacking in exchange for paying the gang’s leaders a share of their illegal earnings. Astamirov and Vasiliev were partners, based on the Justice Department.
In recent years, the U.S. and its allies have aggressively tried to curb ransomware attacks by sanctioning hackers or corporations related to them or by disrupting the web infrastructure of cybercriminal gangs. But many hackers are situated in places like Russia that provide them with refuge, making it difficult for Western law enforcement to arrest them.
In February, authorities within the US and UK announced that they’d disrupted LockBit’s operations, arrested suspected members, seized servers and cryptocurrency accounts, and secured decryption keys to release the stolen data.
“We have dealt major blows to destructive ransomware groups like LockBit, for example when we took control of the LockBit infrastructure earlier this year and distributed decryption keys to its victims,” Assistant Attorney General Lisa Monaco said in an announcement.
Vasiliev used LockBit against at the very least 12 victims, including an academic institution within the UK and a faculty in Switzerland, the US said. He was arrested by Canadian authorities in November 2022 and extradited to the US in June.
Astamirov was arrested by the FBI last yr. In May 2023, he agreed to an interview with FBI agents in Arizona, where they seized his electronic devices. He initially denied having anything to do with an email account through a Russia-based provider, but agents later found records on his devices, based on the arrest grievance. Records showed that Astamirov used the e-mail to “create multiple online accounts under names that were either completely or nearly identical to his own name,” the grievance said.
After August 2020, Astamirov carried out cyberattacks on at the very least five victims, based on the FBI grievance. These included: corporations in France and West Palm Beach, Florida; a Tokyo company that refused to pay a ransom, after which the group posted stolen data on a “leak site” of extortion victims; a Virginia company that stopped an attack after 24,000 documents were stolen; and a Kenyan company that agreed to pay a ransom after a few of its stolen data was posted on the LockBit website.
The verdict for each is scheduled for January 8, 2025.
CEO Daily provides an important context to the news that leaders across the business world have to know. Every weekday morning, greater than 125,000 readers trust CEO Daily for insights into the C-suite and its surroundings. Subscribe now.
