The US Department of Justice has filed charges against a Russian citizen named Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for his involvement in three ransomware operations targeting victims across the United States. United.
Matveev’s association with Russian-linked ransomware variants, including Hive, LockBit, and Babuk, has drawn law enforcement attention due to their global impact and substantial financial losses.
“Matveev is responsible for multiple ransomware variants as an affiliate and has actively targeted US businesses and critical infrastructure,” FBI Special Agent James E. Dennehy said at a press conference today.
“The critical infrastructure attacks involved two law enforcement agencies, the Prospect Park Police Department here in New Jersey and the Metropolitan Police Department in Washington DC.”
Mikhail Matveev was also sanctioned by the Treasury Department’s Office of Foreign Assets Control (OFAC) for launching cyberattacks against U.S. entities, including U.S. critical infrastructure organizations and law enforcement.
“Matveev was vocal about his illegal activities. He has provided insight into his cybercrimes in media interviews, leaked exploit code to online criminals, and said his illicit activities would be tolerated by local authorities provided he remained loyal to the law. Russia,” OFAC said. said.
According to a Department of Justice press release and unsealed indictments in New Jersey and the District of ColombiaMatveev has worked with at least three ransomware gangs in attacks on healthcare and law enforcement agencies:
- In June 2020, co-conspirators Matveev and LockBit allegedly deployed LockBit ransomware on the network of a law enforcement agency in Passaic County, New Jersey.
- In April 2021, the accused and Babuk ransomware accomplices allegedly deployed malicious payloads to the systems of the Metropolitan Police Department in Washington, D.C.
- In May 2022, members of a ransomware gang Matveev and Hive allegedly encrypted the systems of a nonprofit behavioral healthcare organization headquartered in Mercer County, New Jersey.
The US State Department also announced a substantial reward of up to $10 millionunder the Transnational Organized Crime Rewards Program (TOCRP), for any information that may lead to the arrest or conviction of Matveev for transnational organized crime.
“The impacts of ransomware attacks are significant and far-reaching, with victims experiencing loss and disclosure of sensitive information and disruption of critical services,” said US State Department spokesman Matthew Miller.
“Russia is a haven for cybercriminals, an environment in which ransomware actors are free to conduct malicious cyber operations against the United States and our partners and allies.”