Friday, January 17, 2025
Ransomware Developer Mikhail Matveev Arrested in Russia

Russian authorities have arrested Mikhail Matveev, a notorious Russian hacker linked to multiple ransomware attacks worldwide.

Matveev, who was also known by online aliases such as Wazawaka, Uhodiransomwar, m1x, and Boriselcin, was detained in Kaliningrad, Russia, following an investigation into his alleged cybercrimes.

According to a RIA Novosti source, the Kaliningrad Interior Ministry and the prosecutor’s office have forwarded the case against Matveev to the Central District Court of Kaliningrad for consideration.

Key Points:

  • Mikhail Matveev Arrested: Matveev, a notorious Russian hacker known by aliases like Wazawaka and Boriselcin, has been detained in Kaliningrad, Russia, for his involvement in ransomware attacks.
  • Charges and Evidence: He faces charges in Russia under Article 273 of the Criminal Code for creating malicious software intended for unauthorized destruction, blocking, modification, or copying of computer information.
  • Ransomware Activities: Matveev is linked to groups like Hive, LockBit, and Babuk, targeting critical infrastructure such as law enforcement, healthcare, and governmental institutions with ransomware attacks.
  • U.S. Charges and Reward: The U.S. Department of Justice charged Matveev in May 2023, with the State Department offering up to $10 million for information leading to his arrest or conviction.
  • High-Profile Attacks: His attacks include those on Passaic County law enforcement, a New Jersey nonprofit healthcare organization, and the Metropolitan Police Department in Washington, D.C.
  • International Implications: Matveev’s arrest in Russia complicates U.S. efforts to prosecute him, highlighting the challenges of cross-border law enforcement in cybercrime cases.

The charges against him stem from his involvement in developing and deploying sophisticated ransomware programs, which were used to infiltrate and encrypt data of numerous organizations, including law enforcement agencies and healthcare providers, with the intent of extorting ransom payments.

Matveev’s cyber activities targeted critical infrastructure worldwide, resulting in damages amounting to millions of dollars.

His associations with ransomware groups like Hive, LockBit, and Babuk have been well-documented, and he has openly boasted about his criminal endeavors, claiming protection from local authorities as long as he remained loyal to Russia.

The U.S. Department of Justice had previously charged Matveev in May 2023 for his role in these ransomware schemes, leading to the U.S. State Department announcing a reward of up to $10 million for information leading to his arrest or conviction.

Despite this, his arrest in Russia poses significant challenges to U.S. efforts to prosecute him.

The high-profile attacks attributed to Matveev include ransomware attacks on a law enforcement agency in Passaic County, New Jersey, a nonprofit behavioral healthcare organization in Mercer County, New Jersey, and the Metropolitan Police Department in Washington, D.C.

These attacks compromised sensitive data and resulted in substantial financial losses for the victims.

Matveev’s arrest marks a significant event in the ongoing battle against cybercrime, although it remains to be seen how his case will proceed in Russian courts and what implications it might have on international cybercrime investigations.

His detention underscores the complexities of cross-border law enforcement in the digital age, where hackers can operate with relative impunity, often shielded by geopolitical tensions.

Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
