U.S. authorities have indicted Mikhail Pavlovich Matveev, a 30-year-old Russian and alleged kingpin of major ransomware groups, and are offering a $10 million reward for information leading to his capture.
A network of notorious cybercriminals
Matveev faces charges for willful damage to safeguarded computer systems, conspiring to harm such computers, and disseminating ransom demands. He is suspected of assisting in the deployment of notorious ransomware strains such as LockBit, Hive, and Babuk to extract money from U.S. and international establishments. The FBI has traced Matveev’s roots to Kaliningrad and St. Petersburg in Russia, where he is believed to be currently situated.
A prevalent understanding is that cybercriminals based in Russia can avoid prosecution as long as they steer clear of attacking the Russian government or local businesses. This ‘safe harbor’ protection encourages many ransomware syndicates to operate out of Russia. They generally avoid leaving the country for fear of apprehension in jurisdictions with extradition treaties with Western countries, thereby eluding punishment.
Allegations against Matveev, the supposed kingpin
The DoJ has implicated Matveev, the alleged kingpin in the LockBit operation, and his associates in a ransomware attack on a New Jersey law enforcement agency around June 25, 2020. He is also suspected of being the mastermind behind a 2021 Babuk assault on the DC police department.
“Operating from his Russian stronghold, Matveev, the accused Kingpin, allegedly employed several ransomware strains to compromise critical infrastructure worldwide,” remarked Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division. Polite underscored the need for a global response to these international cybercrimes. He further affirmed the Department’s resolve to consistently apply sanctions to the most harmful cyber criminals.
In its public call for Matveev’s apprehension, the FBI revealed his known pseudonyms, such as ‘Wazawaka’, ‘Boriscelcin’, ‘m1x’, and ‘Uhodiransomwar’. The Bureau encourages anyone with pertinent information leading to Matveev’s arrest or conviction to come forward. The FBI’s Newark Field Office Cyber Crimes Task Force is leading the case, working in partnership with several European agencies. The UK’s National Crime Agency stands out among these collaborators.
Understanding LockBit, Hive, and Babuk
LockBit and Hive have gained notoriety as ransomware-as-a-service (RaaS) groups that employ double extortion tactics. Babuk, another infamous group, is now thought to be retired. During its active period, however, Babuk collected up to $13 million in ransom payments. This included proceeds from high-profile attacks, such as the one on the NHS outsourcing firm Serco. The DoJ estimates that these three groups have collectively extracted $200 million in ransom from their numerous victims.