Active Members akkiliON Posted December 3 Active Members Report Posted December 3 A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country. According to a news report from Russian media outlet RIA Novosti, Mikhail Pavlovich Matveev has been accused of developing a malicious program designed to encrypt files and seek ransom in return for a decryption key. "At present, the investigator has collected sufficient evidence, the criminal case with the indictment signed by the prosecutor has been sent to the Central District Court of the city of Kaliningrad for consideration on the merits," the Russian Ministry of Internal Affairs said in a statement. Matveev has been charged under Part 1 of Article 273 of the Criminal Code of the Russian Federation, which relates to the creation, use, and distribution of computer programs that can cause "destruction, blocking, modification or copying of computer information." He was previously charged and indicted by the U.S. government in May 2023 for launching ransomware attacks against "thousands of victims" in the country and across the world. He is also known by various online aliases Wazawaka, m1x, Boriselcin, Uhodiransomwar, and Orange. Matveev has also gone public about his criminal activities, stating that "his illicit activities will be tolerated by local authorities provided that he remains loyal to Russia." He was sanctioned by the U.S. Treasury and has been the subject of a reward of up to $10 million for any information that could lead to his arrest or conviction. A subsequent report from Swiss cybersecurity firm PRODAFT revealed that Matveev has been leading a team of six penetration testers to carry out the ransomware attacks. Besides working as an affiliate for Conti, LockBit, Hive, Trigona, and NoEscape ransomware groups, he is said to have had a management-level role with the Babuk ransomware group up until early 2022. Furthermore, he is believed to have deeper ties with the Russian cybercrime group known as Evil Corp. The development comes a little over a month after four members of the now-defunct REvil ransomware operation were sentenced to several years in prison in Russia after they were convicted of hacking and money laundering charges. Update# A security research community that goes by the alias "club1337" said in a post on X that they received confirmation from Matveev that he had been charged in Russia, and that he had paid two fines and forfeited a chunk of the cryptocurrency earned. "He is currently out on bail, unharmed, and awaiting the next steps in the legal process," the researcher said. In a related law enforcement action, Stanislav Moiseyev, the founder of the now-defunct Hydra darknet marketplace, has been sentenced to life in prison. He has also been ordered to pay a fine of 4 million rubles. The recent wave of arrests and prosecution of Russian cybercriminals are an unusual departure from the norm, as it's uncommon for the Kremlin to prosecute its own hackers as long as they stay out of targeting companies and individuals located within its borders. Source: https://thehackernews.com/2024/11/wanted-russian-cybercriminal-linked-to.html 3 Quote