Third Russian National Charged for Allegedly Deploying LockBit Ransomware

The US Justice Department has announced charges against yet another Russian national allegedly involved in deploying the LockBit ransomware. This comes at a time when there is an ongoing crackdown on international cybercriminals responsible for wreaking havoc on organizations across the globe.

Arrest and Charges

Ruslan Magomedovich Astamirov, a 20-year-old from the Chechen Republic, Russia, was recently arrested in Arizona and charged with conspiracy to commit wire fraud and conspiracy to damage computers and transmit ransom demands. According to the charges, Astamirov owned, controlled, and used multiple IP addresses, email addresses, and other online accounts to deploy the LockBit ransomware and communicate with victims.

Tracing the Payment

Court documents reveal that authorities were able to trace a victim’s payment to a cryptocurrency address that Astamirov controlled. This helped to incriminate him and link him to the LockBit ransomware attacks.

Involvement with LockBit ransomware gang

According to an FBI complaint, Astamirov has been a member of the LockBit ransomware gang since at least August 2020. He directly executed at least five cyberattacks against victim systems in the US. This shows a clear pattern of behavior that was impacting the livelihoods and operations of different organizations.

During a voluntary interview with the FBI in May 2023, Astamirov lied about his connection with one of the email addresses used in LockBit ransomware attacks. This act of deception further implicated him in cybercrime-related activities.

There is no complete sentence here for me to correct. This phrase seems to be expressing a topic, but it does not provide enough context for me to understand what kind of evidence or accusation is being referred to against Astamirov. If you could provide me with more information, I would be glad to help you express your message more clearly.

Law enforcement obtained evidence that Astamirov used the email address to set up online accounts used in LockBit attacks. He also controlled an IP address used in attacks against at least four victims. Through this clear evidentiary trail, law enforcement was able to build a case against him.

Here is an overview of LockBit Ransomware

The LockBit ransomware has been active since at least January 2020, operating under the Ransomware-as-a-Service (RaaS) model and targeting organizations in the US, Asia, Europe, and Africa. The ransomware encrypts an organization’s data, making it inaccessible, and demands a ransom payment in exchange for the decryption key. The FBI estimates that it has been used in roughly 1,700 attacks in the US, with victims paying approximately $91 million in ransoms.

Other Arrests and Rewards

This recent arrest of Astamirov follows the arrest of Mikhail Vasiliev, another Russian and Canadian national, who was arrested in Canada for his role in LockBit deployments in November 2021. Furthermore, the US has announced a $10 million reward for information leading to the arrest of Mikhail Pavlovich Matveev, a Russian national who is allegedly involved in Babuk, Hive, and LockBit ransomware attacks. These arrests and rewards are part of the global effort to crack down on cybercriminals who engage in ransomware attacks and cause serious damage to businesses and individuals.

The arrest and charges against Astamirov add to the increasing efforts by law enforcement agencies to curb cybercrime, especially related to ransomware attacks. While it is crucial to focus on apprehending the individuals responsible for these types of crimes, it is also essential to put measures in place to prevent cyberattacks from occurring in the first place. This includes implementing better security protocols, conducting employee training, establishing data backup and recovery plans, and more. The LockBit ransomware attacks highlight the need for businesses to be vigilant and proactive in protecting themselves from such attacks.

Explore more

Ethereum Uses AI Swarms to Proactively Patch Network Flaws

The architectural integrity of global decentralized networks has reached a pivotal juncture where the speed of malicious exploitation often outpaces the traditional cadence of human-led security audits. To address this widening gap, The Ethereum Foundation has fundamentally transitioned its security strategy from a reactive model to an automated, proactive defense paradigm that leverages the power of machine learning. This shift

How Is ERP Modernization Driving DLA to Audit Readiness?

The Defense Logistics Agency currently manages an intricate global supply chain that serves as the backbone for the United States military, requiring an unprecedented level of financial precision and operational transparency to meet modern oversight requirements. This massive undertaking involves a transition from aging, siloed legacy systems to a unified Enterprise Resource Planning environment designed to provide real-time visibility into

What Makes Odyssey Infostealer a Global Threat to macOS?

The long-standing myth that macOS remains immune to sophisticated cyberattacks has been decisively shattered by the emergence of the Odyssey infostealer, a highly specialized malware variant engineered to bypass modern system integrity protections. This transition represents a fundamental shift in the threat landscape, where the historical security-by-obscurity advantage once enjoyed by Apple users has entirely vanished. As the adoption of

Can AI Secure Windows Without Compromising Stability?

The sheer scale of modern software development has reached a point where manual code review is no longer sufficient to protect the billions of devices running Windows across the globe. As lines of code multiply and interdependencies become more complex, traditional security measures are struggling to keep pace with the rapid evolution of sophisticated digital threats. In response to this

Xero Launches JAX to Redefine Accounting with Agentic AI

Small business owners have historically spent an exhausting amount of time tethered to spreadsheets and receipts, but the emergence of agentic AI is finally turning those static records into a living, breathing financial command center that operates with minimal human oversight. With more than five million global subscribers now integrated into its ecosystem, Xero is spearheading a movement toward Accountable