Russian hacker charged by U.S. in ransomware attacks that raked in over $200 million

A Russian hacker accused of targeting hospitals, schools and police departments in New Jersey and the nation's capital in ransomware attacks has been charged, and a $10 million reward is offered for information leading to his capture, federal officials announced Tuesday.

The Justice Department unsealed indictments accusing Mikhail Pavlovich Matveev, a Russian national, of being a member of ransomware conspiracies in hundreds of internet-based scams designed to extort money from U.S.-based victims.

Matveev was charged by federal officials with conspiring to transmit ransom demands, conspiring to damage protected computers and intentionally damaging protected computers, court records show. If convicted, he faces over 20 years in prison.

"These malicious actors believe they can operate with impunity – and don’t fear getting caught because they sit in a country where they feel safe and protected. That may be the case now, but the safe harbor may not exist forever," said James E. Dennehy, FBI-Newark special agent in charge. "When we have an opportunity, we will do everything in our power to bring Matveev and his ilk to justice."

Matveev, co-conspirators raked in $200 million, feds say

Matveev, 30, is accused of working from Russia with other hackers since at least 2020 using ransomware variants LockBit, Hive and Babuk. In total, Matveev is accused of raking in roughly $200 million in ransom from about 2,800 victims in the United States and around the world. Matveev's alleged victims included hospitals, businesses, nonprofits – including churches and charities – and government agencies, said Kenneth A. Polite, Jr., assistant U.S. attorney general.

Matveev operated under the aliases Wazawaka, m1x, Boriselcin, and Uhodiransomwar, and would work with his co-conspirators to send ransom demands to victims after infiltrating their computer systems, threatening to expose private data or keep their data inaccessible, according to an unsealed indictment. The hackers accepted payments in cryptocurrency and demanded a total of about $400 million.

The State Department announced a $10 million reward for information leading to Matveev's arrest.

Matveev is on an FBI most-wanted list of cyber criminals, which describes his ties to Kaliningrad and St. Petersburg, Russia and urges citizens around the globe to be on the lookout for his unique physical appearance: four fingers on his left hand and a tattoo sleeve on his right arm with celestial objects and sea creatures.

Police departments in DC, New Jersey targeted

Matveev also targeted police forces including the Prospect Park, New Jersey, Police Department in June 2020 and the Washington, D.C. Metropolitan Police Department in April 2021.

D.C. police were the victims of what experts called the worst known ransomware attack on a U.S. police department after they refused to meet the ransom demands and suffered a massive data leak to the dark web. Intelligence reports and officers' personal information were leaked, including security information from other law enforcement agencies related to President Joe Biden’s inauguration, according to The Associated Press.

Prospect Park, New Jersey Mayor Mohamed Khairullah said the hacker penetrated Prospect Park's computers by sending a phishing email.

Khairullah said the hack compromised an unspecified number of computer files, which contained personal information about current and retired police officers. He said the borough provided the officers with a credit-monitoring service for four years to ensure that they are not targets of identity theft.

“Our immediate response was to make sure that we protect them,” he said.

Since the hack, Khairullah said, municipal employees have been educated on how to properly authenticate emails. He said the borough also moved its computer data to cloud-based storage, which is generally more secure than an on-premise server.

Staff Writer Phil Devencentis contributed to this report.
