November 29, 2024 at 12:55PM
Russian ransomware affiliate Mikhail Matveev, also known as Wazawaka, was arrested and indicted for his involvement in multiple hacking groups, including LockBit and Babuk. The U.S. has charged him for cyberattacks against American organizations and is offering a $10 million reward for information leading to his conviction.
### Meeting Takeaways
1. **Arrest and Indictment**: Mikhail Pavlovich Matveev, a Russian national and known ransomware affiliate, has been arrested and indicted in Russia for his involvement in various hacking groups.
2. **Identity Confirmation**: Although court documents refer to Matveev simply as a “programmer,” an anonymous source has confirmed his identity. His case is currently being considered by the Central District Court of Kaliningrad.
3. **Accusations**: Matveev is accused of developing “specialized malicious software” designed for ransomware attacks aimed at commercial organizations, with the intention of demanding ransom for data decryption.
4. **U.S. Charges**: In May 2023, the U.S. Justice Department charged Matveev for his role in the Hive and LockBit ransomware operations that targeted U.S. victims.
5. **Notable Affiliations**: Matveev is believed to be the individual known as “Orange,” the original creator of the Ramp hacking forum and the admin of the Babuk ransomware operation.
6. **Criminal Activity Timeline**:
– **June 2020**: Allegedly involved in deploying LockBit ransomware against a law enforcement agency in New Jersey.
– **April 2021**: Allegedly deployed ransomware on the systems of the Metropolitan Police Department in Washington, D.C.
– **May 2022**: Involved in encrypting systems of a nonprofit behavioral healthcare organization in New Jersey using Hive ransomware.
7. **Sanctions**: The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Matveev for conducting cyberattacks against U.S. entities, including law enforcement and critical infrastructure.
8. **Rewards**: The U.S. Department of State is offering a reward of up to $10 million for information leading to Matveev’s arrest or conviction for transnational organized crime.
9. **Online Presence**: Matveev has maintained an active online presence, interacting with cybersecurity professionals and openly discussing his cybercrime activities on his Twitter account, RansomBoris.
10. **Defiance Against Authorities**: Following U.S. sanctions, Matveev publicly taunted law enforcement by posting a picture of his wanted poster on a t-shirt.