Escalating Cyber Threat: Russian Man Charged in $200M Ransomware Crypto Spree

A Russian man has been charged in connection with a $200M ransomware crypto spree, sending shockwaves through the digital landscape.

Ransomware assaults are becoming increasingly common, but the scope and severity of this particular spree have upped the stakes to unprecedented levels. The Russian man is suspected of masterminding sophisticated attacks on individuals and organizations worldwide.

US officials have accused A Russian man of his alleged involvement in various ransomware scams that netted him and other attackers approximately $200 million, most of which was obtained through cryptocurrency. Ransomware assaults targeted hospitals, schools, and police organizations.

Payments for Ransomware Exceed $200 Million:

Mikhail Pavlovich Matveev was a member of three ransomware gangs: Lockbit, Babuk, and Hive. According to Department of Justice numbers, they have collected about $200 million from victims after requesting more than $400 million.

Mateev was known online under several identities, including “Wazawaka,” “m1x,” “Boriselcin,” and “Uhodiransomwa,” according to the Department.

“These international crimes demand a coordinated response,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division in a statement released by the DOJ. “We will not relentlessly impose consequences on the most egregious actors in the cybercrime ecosystem.”

Mateev is accused of assisting in the deployment of Babuk ransomware against the Metropolitan Police Department in Washington, D.C., in April 2021, as well as a nonprofit behavioral healthcare organization in New Jersey in May 2022.

The Role of Crypto in Ransomware:

In the former case, the criminal and his co-conspirators threatened to release important information to the public unless money was paid. Babuk ransomware criminals have carried out at least 65 attacks worldwide since December 2020, asking $49 million and obtaining at least $13 million.

According to Bloomberg, cybersecurity journalist Brian Krebs revealed in January 2022 that Mateev claimed membership with the Darkside ransomware organizations. Darkside was behind a ransomware attack on the Colonial Pipeline in 2021 that netted the attackers 63.7 BTC in forced payments.

Since 2021, cryptocurrencies such as Bitcoin have grown into popular instruments for launching ransomware attacks. Unlike regular financial transactions, while requesting Bitcoin payments, hackers can easily remain anonymous, and such payments can’t be revoked or recovered by a bank or government.