Russian Hacker Indicted for 'prolific' Ransomware Program That Targeted New Jersey Victims

The US District Attorney, Philip R. Sellinger, announced on Tuesday that a Russian National has been charged with running a ransomware operation that targeted various entities such as hospitals, schools, police departments, and municipalities in New Jersey and other states.

Dimitry Yuryevich Khoroshev, a 31-year-old man from Voronezh, Russia, has been charged with operating LockBit, a ransomware program. This program was used by others to target companies worldwide, gaining unauthorized access to their data systems and demanding payment in bitcoin in exchange for the release of sensitive information. These charges were announced by officials.

Khoroshev was accused by prosecutors of being the administrator and developer of LockBit from its start in 2019 until this month. As a result, a New Jersey grand jury issued charges against him. In February 2024, a group of organizations including the Justice Department, the FBI, and the U.K. National Crime Agency’s Cyber Division worked together to disrupt LockBit. They were able to seize the servers used by the network, according to authorities.

“According to the indictment, Khoroshev created LockBit in a way that allowed hackers to secretly access a victim’s computer systems and either encrypt or steal the victim’s data, or both,” Sellinger said in a statement. After Lockbit was installed, hackers sent ransom notes to the victims. These notes threatened to publicly release the stolen data unless a ransom of hundreds of thousands or even millions of dollars was paid. A single victim received a ransom demand of $200 million. The hackers would allegedly make the victim’s private data public if they didn’t pay. This data would often be posted on a website known as a ‘data leak site’.

Also Read: New York Tops in the List of 50 Richest Cities in the World

Khoroshev is still on the loose. Officials have stated that Khoroshev created the LockBit program and then enlisted other members, known as “affiliates,” to spread the ransomware. He even provided them with a dashboard of tools to help with the deployment. According to prosecutors, Khoroshev would collect a fee of 20% of the ransom amount after an attack.

According to authorities, Lockbit collected more than $500 million, with Khoroshev receiving over $100 million. The indictment states that victims were frequently instructed to pay ransoms using Bitcoin. Authorities also revealed that LockBit had kept sensitive information obtained from the attacks, which they had promised to delete, even after the ransoms were paid.

Khoroshev and his partners developed LockBit into one of the most harmful and prevalent types of ransomware globally. It targeted at least 2,500 victims across 120 countries, according to authorities. Officials have reported that there were over 1,800 victims in the United States, with at least seven victims in New Jersey.

The FBI and Justice Department are offering a $10 million reward for any information that helps capture Khoroshev. Officials said that Khoroshev reached out to the police after the disruption of LockBit in February 2024. He offered to help the authorities in exchange for bringing LockBit back to its previous position as one of the top ransomware programs. He also asked for the names of his enemies.

Also Read: White House: Trump Gestapo Comment Mimics ‘appalling Rhetoric of Fascists’

Since the investigation into LockBit began in 2022, a total of six people have been charged. Mikhail Vasiliev, who holds citizenship in both Russia and Canada, was accused in November 2022 of being involved with LockBit according to a criminal complaint. Vasiliev is currently being held in Canada and is waiting to be extradited.

In June 2023, a Russian man named Ruslan Magomedovich Astamirov was accused of being involved with the LockBit group. He was charged in a court in New Jersey. Astamirov is currently being held in custody and is waiting for his trial to begin.

The other individuals involved in the LockBit attacks are still not caught. One of them is Mikahil Matveev, who used different types of ransomware to target multiple victims, including the Washington D.C. Metro Police Department, according to authorities. There is an additional $10 million reward available for anyone who provides information that leads to the capture of Matveev.

Artur Sungatov and Ivan Kondratyev were accused in February 2024 of using LockBit ransomware to attack businesses in the United States.

The indictment unsealed on Tuesday did not reveal the names of the victims. However, there have been multiple ransomware attacks in New Jersey that have targeted both public institutions and private businesses.

Leave a Reply

Your email address will not be published.