Wazawaka, a Russian Hacker, Charged with Ransomware – Krebs on Security

A notorious Russian cybercriminal who was identified by KrebsOnSecurity in January 2022 as a prolific member of several top ransomware groups has been named in two separate indictments issued by the US Justice Department. Mikhail Pavolovich Matveev, known by his online aliases “Wazawaka” and “Boriselcin,” is accused of collaborating with three different ransomware gangs that extorted hundreds of millions of dollars from schools, hospitals, government agencies, and companies.

According to indictments filed in New Jersey and the District of Columbia, Matveev was involved in a conspiracy to distribute ransomware from three different strains or affiliate groups, including Babuk, Hive, and LockBit. The prosecutors allege that Matveev and his LockBit conspirators deployed LockBit ransomware against a law enforcement agency in Passaic County, New Jersey, on June 25, 2020. On May 27, 2022, Matveev worked with Hive to ransom a nonprofit behavioral healthcare organization headquartered in Mercer County, New Jersey. And on April 26, 2021, Matveev and his Babuk gang allegedly deployed ransomware against the Metropolitan Police Department in Washington, D.C.

Matveev has been added to the US Department of Treasury’s list of persons with whom it is illegal to transact financially. The US State Department is offering a $10 million reward for the capture and/or prosecution of Matveev. However, he is unlikely to face either as long as he continues to reside in Russia. In a January 2021 discussion on a top Russian cybercrime forum, Matveev, under his alleged alter ego Wazawaka, said he had no plans to leave the protection of “Mother Russia.” He believes that traveling abroad is not an option for him, and that Russia would always protect him.

The prosecutors allege that Matveev used a dizzying stream of monikers on the cybercrime forums, including “Boriselcin,” a talkative and brash personality who was simultaneously the public persona of Babuk, a ransomware affiliate program that surfaced on New Year’s Eve 2020. Previous reporting also revealed that Matveev’s alter egos included “Orange,” the founder of the RAMP ransomware forum.

RAMP stands for “Ransom Anon Market Place,” and analysts at the security firm Flashpoint say the forum was created “directly in response to several large Dark Web forums banning ransomware collectives on their site following the Colonial Pipeline attack by ransomware group ‘DarkSide.’” Matveev’s alleged cybercriminal handles were all driven by a community-oriented view that when organizations being held for ransom refuse to cooperate or pay up, data stolen from the victim should be published on Russian cybercrime forums for all to plunder, not privately sold to the highest bidder.

As per the indictments returned against him, Matveev is charged with conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. If convicted, he faces more than 20 years in prison.

In February 2022, a man whose appearance matched the social media photos of Matveev began posting on Twitter a series of bizarre selfie videos in which he lashed out at security journalists and researchers, including the author of this article. Using the same Twitter account, Matveev also dropped exploit code for a widely used virtual private networking (VPN) appliance.

In conclusion, the indictments delivered by the US Justice Department against Mikhail Pavolovich Matveev, alias “Wazawaka” and “Boriselcin,” are part of the United States’ efforts to bring criminals to justice. Although it is still unclear whether the indictments will lead to his arrest and conviction, the US government is making it clear that it will not tolerate Russian cybercriminals targeting US-based organizations for ransomware attacks.
