Russian Man Charged for $200 Million in Ransomware Crimes Involving Crypto

A Russian man has been charged by US authorities for his alleged connection to multiple ransomware schemes that netted him and other attackers nearly $200 million – much of which came through crypto. 

Some of the victims of those ransomware attacks included hospitals, schools, and police departments. 

$200 Million in Ransomware Payments

The culprit – Mikhail Pavlovich Matveev – was part of three ransomware gangs: Lockbit, Babuk and Hive. Collectively, they have obtained almost $200 million from victims after demanding funds in excess of $400 million, per figures from the Department of Justice

The Department noted that Mateev was known online by multiple aliases, including “Wazawaka”, “m1x”, “Boriselcin”, and “Uhodiransomwa.”

“These international crimes demand a coordinated response,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division in the DOJ’s statement. “We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem.”

Some of Mateev’s alleged crimes included helping deploy Babuk ransomware against the Metropolitan Police Department in Washington, D.C. in April 2021, as well as a New Jersey nonprofit behavioral healthcare organization in May 2022. 

In the former case, the criminal and his co-conspirators threatened to disclose sensitive materials to the public unless payments were made. Babuk ransomware actors have executed at least 65 attacks around the world since December 2020, demanding $49 million in payments, and receiving at least $13 million. 

In January 2022, cybersecurity journalist Brian Krebs reported that Mateev had claimed affiliation with the Darkside ransomware groups, according to Bloomberg.  Darkside was responsible for a ransomware attack against the Colonial Pipeline in 2021, which netted the attackers 63.7 BTC in forced payments. 

Crypto’s Role in Ransomware

Cryptocurrencies like Bitcoin have become popular tools for conducting ransomware attacks since 2021. Unlike traditional bank transfers, hackers can easily remain anonymous when requesting payments in Bitcoin, and such payments cannot be…