
Russian Ransomware Perp Charged After High-Profile Hive, Babuk & LockBit Hits

A Russian national used LockBit, Babuk, and Hive ransomware to target critical US organizations, DoJ says.

Russian national Mikhail Pavlovich Matveev has been charged by the US Department of Justice (DoJ) for launching ransomware attacks on critical organizations including law enforcement agencies, healthcare operations, and more.

Matveev is estimated by the DoJ to have demanded as much as $400 million in ransom payments from his victims over his years as a ransomware operator, and to have actually collected as much as $200 million in extortion money.

The DoJ alleges that Matveev used three ransomware variants in his cybercrimes. The DoJ accuses him of conspiring to deploy LockBit against New Jersey law enforcement in June 2020. In addition, Matveev used Hive against a nonprofit healthcare organization in New Jersey in May 2022, and used Babuk ransomware to shake down the Washington DC Metropolitan Police Department, the DoJ added.

"From his home base in Russia, Matveev allegedly used multiple ransomware variants to attack critical infrastructure around the world, including hospitals, government agencies, and victims in other sectors," said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department's Criminal Division in a statement about the newly unsealed charges against the alleged ransomware operator. "These international crimes demand a coordinated response. We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem."

If convicted, Matveev faces up to 20 years in prison; however, he resides in Russia, which makes it highly unlikely that any sentence will be carried out.
