
The U.S. and its allies accuse a Russian man of running a ransomware group that allegedly extorted hundreds of millions of dollars from victims.

Authorities in the US, UK, and Australia imposed penalties and announced criminal charges against a 31-year-old Russian suspect believed to be the head of a cybercriminal organization that extorted over $500 million in ransom payments from countless targets in America and across the globe.


Dmitry Yuryevich Khoroshev stands accused of creating malicious software, enlisting hackers, and overseeing ransomware activities for the notoriously prolific cybercrime group known as LockBit. This gang, according to experts, has become the world's most successful ransomware organization.

Many well-known institutions, including hospitals, schools, and law enforcement departments, have fallen victim to LockBit's criminal activities, resulting in billions of dollars in broader losses and damages, according to a recently unsealed indictment from the District of New Jersey. The gang claimed responsibility for a ransomware attack in November that led to cancelled medical appointments at Capital Health in New Jersey, and for attacks on the Industrial and Commercial Bank of China and Fulton County.

Khoroshev is said to have personally taken home $100 million, which accounts for 20% of LockBit's ill-gotten gains, as stated by Philip Sellinger, the US attorney for the District of New Jersey.

The charges against Khoroshev include conspiracy to commit fraud, extortion, and wire fraud, among others. CNN has attempted to contact him for a response.

The US government has not disclosed Khoroshev's whereabouts, but the State Department has offered a $10 million reward for information leading to his capture. The Treasury Department stated that "Russia continues to provide safe haven for cybercriminals." Moscow has denied the allegations.

In the past, Biden implored Putin to take action against ransomware groups that were attacking US facilities from Russian soil. However, this cooperation between Washington and Moscow on cybercrime appeared to fade with Russia's full-scale invasion of Ukraine the following year.

Although law enforcement efforts continue to disrupt ransomware attacks, they remain a significant problem for US businesses, government agencies, and schools of various sizes. A recent ransomware attack in Wichita, Kansas, hindered residents' access to water bills online and caused departure and arrival screens at the airport to malfunction.

Khoroshev's indictment represents another turn in a long-standing battle between law enforcement agencies and LockBit. In February, the FBI and UK National Crime Agency claimed that they had developed software that would enable "hundreds" of victims worldwide to regain control of their locked computers. While the hackers have tried to downplay the damage, the persistent efforts to disrupt LockBit seem to be effective.

The FBI, NCA, and other agencies are using the hackers' own psychological tactics against them in an aggressive campaign to disrupt LockBit and sow distrust within the cybercriminal community. Ransomware groups, like LockBit, often employ a ticking clock on the websites where they extort their victims. If victims don't pay in cryptocurrency by the time the clock expires, the hackers leak data stolen from the victims.

In this case, the FBI, NCA, and other agencies have used LockBit's own websites to harass and intimidate its members by threatening to disclose the ringleader's identity. They also included a countdown clock that promised to reveal the group's leader.

Tim Court, a senior NCA official involved in the LockBit case, stated at an Institute for Security and Technology event last month: "Imposing cognitive fear in their life was something we really focused on."

According to Court, the effort to infiltrate LockBit's operations lasted two years. The infiltration gave the NCA access to the most recent ransomware version that the hackers were planning to release, said Jon DiMaggio, chief security strategist at cybersecurity company Analyst1.

Source: edition.cnn.com
