A hacker, allegedly associated with various devastating ransomware strains, is under scrutiny for attacking multiple victims, including police departments, hospitals, and the Colonial Pipeline. This narrative involves a Russian man charged by the U.S. authorities for his purported involvement in several lucrative ransomware operations. A substantial amount of his ill-gotten wealth, almost $200 million, was routed through cryptocurrency channels.
Ransomware Campaigns: A Web of Victims
Among the many casualties of these meticulously planned ransomware attacks were hospitals, schools, and police departments. These institutions, cornerstones of public life, were particularly vulnerable and ideal targets for cybercriminals.
The key figure in this digital menace, Mikhail Pavlovich Matveev, was believed to be part of three notorious ransomware syndicates: Lockbit, Babuk, and Hive. Together, they successfully extorted nearly $200 million from their victims, despite initial demands exceeding $400 million, according to data from the Department of Justice.
Online, Matveev operated under a cloak of anonymity, using various pseudonyms such as “Wazawaka,” “m1x,” “Boriselcin,” and “Uhodiransomwa.” This tactic made his identification and capture significantly more difficult for authorities.
Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division responded to these globally-reaching cybercrimes with a stern message: “These international crimes demand a coordinated response. We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem.”
Matveev’s Unraveling Web of Cybercrime
Matveev’s alleged crimes include orchestrating a Babuk ransomware attack on the Metropolitan Police Department in Washington, D.C., in April 2021. A similar attack was executed on a New Jersey nonprofit behavioral healthcare organization in May 2022.
In the former incident, the culprits threatened to release sensitive materials to the public unless a hefty ransom was paid. Globally, Babuk ransomware actors have executed at least 65 attacks since December 2020, demanding $49 million in payments, and receiving at least $13 million.
In a revelation from cybersecurity journalist Brian Krebs in January 2022, Matveev was reported to have claimed affiliation with the infamous Darkside ransomware group. Darkside was notoriously responsible for a crippling ransomware attack against the Colonial Pipeline in 2021, successfully forcing the victims to part with 63.7 BTC.
The Rising Trend of Cryptocurrency in Ransomware Attacks
Since 2021, cryptocurrencies such as Bitcoin have increasingly become favored tools for conducting ransomware attacks. Unlike with traditional bank transfers, hackers can maintain anonymity when demanding Bitcoin payments. These payments are irreversible and cannot be reclaimed by any bank or government authority.
However, according to Chainalysis, ransomware revenue substantially declined in 2022, totaling $456.8 million compared to $765.6 million in 2021. This downward shift is attributed to victims’ growing reluctance to pay ransoms, especially as sanctions by the U.S. Treasury Department have made such payments increasingly perilous.
In a landmark achievement in January, the FBI announced the successful dismantling of the HIVE ransomware network, which operated across North America and Europe. This breakthrough signals a positive shift in the ongoing battle against rampant cybercrime.