HomeMalware & ThreatsAlleged LockBit Coder Faces 41-Count Indictment in US

Alleged LockBit Coder Faces 41-Count Indictment in US

Published on

spot_img

In a recent turn of events, the United States is actively pursuing the extradition of Rostislav Panev, a dual Russian and Israeli citizen, from Israel. The reason behind this extradition request is a newly unsealed U.S. federal indictment against Panev, which alleges his involvement with the LockBit ransomware operation. According to the indictment, Panev received a $10,000 monthly salary from the ransomware group for his coding and consulting services.

Panev, who is 51 years old, was arrested back in August by the police in Haifa, Israel, at the request of American authorities. The indictment against him includes a total of 41 counts, accusing him of working for LockBit since its inception in 2019. Prosecutors claim that Panev played a significant role in developing features for the LockBit affiliate panel, including writing code to print ransom notes on all printers connected to a victim’s computer network. Additionally, he is alleged to have created code to disable Windows Defender and developed a program that utilizes Active Directory to deploy code across a network.

During the interrogation process, Israeli police reported that Panev admitted to his involvement in developing these malicious tools for LockBit. He claimed that he was initially unaware of the illegal nature of his work, a defense that prosecutors have deemed dubious. U.S. Attorney Philip R. Sellinger for the District of New Jersey, where the case is being prosecuted, stated that Panev’s actions resulted in widespread damage and financial losses globally, and he must be held accountable for his crimes.

The indictment further reveals that Panev was in communication with Dmitry Yuryevich Khoroshev, a key figure within the LockBit operation. Messages exchanged between Panev and Khoroshev, under the username “LockBit,” indicated the urgency of completing certain tasks related to the ransomware operation. Panev reportedly received monthly payments in Bitcoin, totaling at least $230,000 over the years he worked with the ransomware group. The source of these payments was traced back to Bitcoin addresses associated with LockBit.

Additionally, investigators discovered incriminating evidence on Panev’s computer, including source code for the StealBit utility, a tool used by LockBit affiliates to exfiltrate and transmit data from victims’ systems. His computer also had access to the LockBit control panel, a privilege typically reserved for individuals directly involved in the ransomware operation. Further investigation led to the uncovering of a hidden Git repository on the dark web containing source code for various LockBit cryptolockers, tailored for specific virtual environments.

The international crackdown on LockBit has intensified in recent months, with multiple arrests and server seizures disrupting the ransomware group’s operations. The outing of Khoroshev as the leader of LockBit has added to the pressure faced by the group. As authorities continue to dismantle the infrastructure supporting ransomware operations, individuals like Panev are being held accountable for their roles in perpetuating cybercrime.

Source link

Latest articles

Romanian man sentenced to 20 years in prison for involvement in NetWalker ransomware attacks

A Romanian national, Daniel Christian Hulea, was recently sentenced to 20 years in prison...

Thai government praises the use of 1441 cybercrime hotline

The Ministry of Digital Economy and Society has reported a significant decrease in cybercrime...

Live Webinar on Proactive Strategies for Program De-Risking and Audit Readiness

Bill Hemann, a seasoned Director in PwC's Cyber, Risk & Regulatory practice, brings over...

Recorded Future CEO Describes Russia’s “Undesirable” Listing as a Compliment

The designation of cybersecurity firm Recorded Future as "undesirable" by the Russian Federation has...

More like this

Romanian man sentenced to 20 years in prison for involvement in NetWalker ransomware attacks

A Romanian national, Daniel Christian Hulea, was recently sentenced to 20 years in prison...

Thai government praises the use of 1441 cybercrime hotline

The Ministry of Digital Economy and Society has reported a significant decrease in cybercrime...

Live Webinar on Proactive Strategies for Program De-Risking and Audit Readiness

Bill Hemann, a seasoned Director in PwC's Cyber, Risk & Regulatory practice, brings over...