On Tuesday, the United States Department of Justice (DoJ) charged a Russian national associated with a crypto-ransomware scheme targeting the US infrastructure. Reportedly, the department has filed two indictments against the individual.
According to the DoJ’s press release, the accused individual carried out attacks against “numerous victims throughout the United States.” Reportedly, among the entities targeted, there were several government offices including “law enforcement agencies in Washington, D.C. and New Jersey, as well as victims in healthcare and other sectors nationwide.
Sources reveal the perpetrator was Mikhail Pavlovich Matveev, who also went by names such as monikers of Wazawaka, m1x, Boriselcin, and Uhodiransomwar. Reportedly, his attacks go as far back as 2020, with the ransomware being the variants of LockBit, Babuk, and Hive.
Furthermore, the DoJ revealed that Matveev made demands of as much as $400 million, and he stole $200 million. Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division while talking about Matveev said:
From his home base in Russia, Matveev allegedly used multiple ransomware variants to attack critical infrastructure around the world, including hospitals, government agencies, and victims in other sectors. These international crimes demand a coordinated response. We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem.
The investigation revealed that Matveev has been a controversial figure in the cybercrime world. In 2022, media reports revealed that he had gone rogue, posting exploit codes and taunting researchers and journalists. Soon after that publishers started to release selfies and videos associated with Matveev.
He frequently posted information about the attacks, and his methods seem to directly oppose the care with which ransomware groups were operating following increased scrutiny. His cavalier attitude seems to have caught up with him, with the recent action that law enforcement has taken against him.
Russian entities have frequently been involved in attacks using cryptocurrencies. Last year, the DoJ extradited a suspected Bitcoin money launderer from the Netherlands. Russian citizen Denis Mihaqloviv Dubnikov was arrested and sent for a five-day jury trial in October.
Under the DOJ announcement, Dubnikov was supposed to get a sentence of up to 20 years in prison if found guilty. In a different case, another Russian national pleaded not guilty to laundering ransom payments from attacks on U.S. infrastructure in 2022. Those outside the jurisdiction have targeted a Ukrainian gas firm.
However, not all hackers have explicitly negative motives. Recently, an attacker gained access and stole $300,000 worth of Bitcoin belonging to various Russian government agencies and stole the funds and donated to Ukraine. The individual remains anonymous but is making rounds in the crypto world for his actions.
Nonetheless, the US DoJ is intending to increase authority over the crypto sector. In a media interaction, Eun Young Choi, director of the national cryptocurrency enforcement team, said that the judicial department would crack down on crypto platforms like exchanges, mixers, and tumblers that enable malicious players to carry out their crimes.
She added that the agency would significantly focus on hacks involving decentralized finance (DeFi), particularly chain-bridge hacks. The director said this was a “significant issue” considering the prevalence of North Korea-backed hackers in these activities.