Authorities Identified the Alleged Lockbit Boss through Investigation – Krebs on Security

The recent news about the United States, U.K., and Australia sanctioning and charging Russian national Dmitry Yuryevich Khoroshev as the leader of the LockBit ransomware group has stirred up controversy and confusion. Khoroshev, known as “LockBitSupp,” denies the allegations, claiming that the authorities have named the wrong person without providing clear evidence linking him to the crimes.

The U.S. Department of Justice indicted Khoroshev on 26 criminal counts, including extortion, wire fraud, and conspiracy. The government alleges that Khoroshev created, sold, and used the LockBit ransomware strain to extort over $100 million from numerous victim organizations. It is also claimed that LockBit, as a group, extorted approximately half a billion dollars over a four-year period. Khoroshev reportedly ran LockBit under a “ransomware-as-a-service” model, in which he received 20% of the ransom payments while the affiliates distributing the malware received the rest.

The U.S. Department of the Treasury imposed financial sanctions on Khoroshev, revealing details such as his email and street address in Voronezh, Russia, passport number, and tax ID number. Investigations by various cyber intelligence firms have uncovered Khoroshev’s involvement in registering domains and operating various online personas such as NeroWolfe and Putinkrab on cybercrime forums. These personas were linked to activities involving the sale of malicious code, including ransomware and malware.

NeroWolfe, identified by the ICQ number 669316, was active in Russian cybercrime forums, offering services related to malware development and encryption. Putinkrab, another alias used by Khoroshev, emerged in 2019 on Russian forums, selling ransomware source code written in C and collaborating with affiliates on ransomware projects. Putinkrab’s activities included the development of advanced evasion techniques to avoid detection by security tools and seeking investors for new ransomware initiatives.

The gradual transition from NeroWolfe to Putinkrab hints at Khoroshev’s evolution as a prominent figure in the ransomware industry. The threads of his online activities suggest a deep-rooted involvement in malicious operations, backed by technical expertise in data encryption and malware development. The emergence of LockBit ransomware and Khoroshev’s role as LockBitSupp underscores his presence at the forefront of the ransomware-as-a-service market.

The investigations into Khoroshev’s connections to previous ransomware strains, like Cerber, and the FBI’s recent takeover of LockBit’s infrastructure highlight the ongoing efforts to dismantle cybercriminal networks. The government’s pursuit of Khoroshev involves tracing cryptocurrency transactions and bank accounts linked to his operations, aiming to follow the money trail to identify key players in cybercrime activities.

As the saga unfolds, the intersection of cyber intelligence, law enforcement, and open-source investigations sheds light on the complex web of illicit activities orchestrated by individuals like Khoroshev. The story underscores the challenges of tracking down elusive cybercriminals and the importance of persistent investigation and collaboration to combat the evolving threat landscape in the digital realm.
