The US Department of Justice has filed charges against Russian Mikhail Pavlovich Matveev, allegedly known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin, for his involvement in Hive, LockBit, and Babuk ransomware operations targeting victims in the US. Reports indicate that the extortionists demanded a total of approximately $400 million in ransom payments, of which $200 million was ultimately paid. Matveev is charged with conspiracy to transfer ransom demands, conspiracy to damage protected computers, and willfully damaging protected computers. If convicted, he could face up to 20 years in prison.
The FBI has stated that Matveev is responsible for multiple variants of ransomware and is actively attacking US businesses and critical infrastructure, including two law enforcement agencies: the Prospect Park Police Department in New Jersey and the District of Columbia Central Police Department. The Office of Foreign Assets Control (OFAC) under the US Treasury Department has also sanctioned Matveev for his cyberattacks against American organizations, including critical US infrastructure organizations, hospitals, schools, and law enforcement agencies.
OFAC representatives have noted that Matveev openly discussed his illegal activities in interviews with the media, shared exploit code with other cybercriminals, and claimed that local authorities would tolerate his illegal activities. As a result, the State Department has offered a reward of up to $10 million for any information that could lead to the arrest or conviction of Matveev.
