Dark Mode Light Mode

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow Us
Follow Us
Login Login

US sanctions LockBit members following the removal of ransomware.

Two prominent members of LockBit, a Russian-speaking hacking and extortion organization that is accused of launching ransomware attacks against victims in the United States and abroad, have been sanctioned by the U.S. government.

The U.S. Treasury confirmed in a Tuesday post that two Russian nationals, Artur Sungatov and Ivan Gennadievich Kondratiev, will be sanctioned.

On Tuesday, U.S. prosecutors indicted Sungatov and Kondratiev separately for their alleged affiliation with LockBit.

Additionally, Kondratiev is suspected of having ties to the ransomware organizations REvil, RansomEXX, and Avaddon.

“Attempts to extort and steal from our citizens and institutions will not be tolerated in the United States,” said Wally Adeyemo, deputy secretary of the Treasury of the United States. “Our government-wide defense against malicious cyber activities will continue, and we will employ every available tool to hold accountable the actors that enable these threats.”

U.S. businesses and individuals are now prohibited from paying or conducting business with the sanctioned entities as a result of the newly imposed sanctions. This is a common strategy employed to dissuade American victims from paying a ransom demanded by hackers.

By sanctioning the perpetrators of cyberattacks, it becomes more challenging for individual hackers to generate profits from ransomware, as opposed to focusing on groups that can evade sanctions by rebranding or changing their identities.

Violators of U.S. sanctions legislation, including organizations that remunerate a sanctioned hacker, may face severe penalties and criminal prosecution.

Hours after U.S. and U.K. authorities declared a global law enforcement operation with the objective of disrupting LockBit’s infrastructure and operations, the sanctions were lifted. The confiscation of LockBit’s infrastructure on the organization’s dark web breach site, which was previously employed to disseminate pilfered information from victims in exchange for a ransom, was declared by the authorities.

LockBit was founded in 2019, and since then, its operators have been accused by U.S. prosecutors of employing ransomware in over 2,000 cyberattacks against victims in the U.S. and abroad and of receiving approximately $120 million in ransom payments.

Millions of individuals’ personal information was compromised in hundreds of breaches attributed to LockBit over the years. Among these were the California Department of Finance, the U.K. postal service Royal Mail, and the U.S. dental insurance behemoth MCNA.

The latest round of U.S. sanctions, which were announced on Tuesday, target the hackers responsible for LockBit and other prolific ransomware groups.

Mikhail Vasiliev, a dual national of Russia and Canada, was apprehended in 2022 on suspicion of orchestrating numerous LockBit ransomware attacks. Similar allegations led to the apprehension of Ruslan Magomedovich Astamirov by U.S. authorities one year later. As of yet, both perpetrators are detained pending trial.

Mikhail Pavlovich Matveev, a Russian national and the third suspect, was implicated in multiple ransomware campaigns, one of which was LockBit. In 2023, the United States imposed sanctions against the unidentified Matveev, which prohibited American victims from remitting ransom to him or his affiliated ransomware groups, Hive and Babuk. Additionally, the United States government is offering a $10 million reward for information that could result in the apprehension of Matveev.

Tuesday’s announcement by the U.S. government failed to provide an identity for the alleged LockBit ringleader, also known as LockBitSupp. On Friday, law enforcement is expected to release additional information regarding the alleged leader, including the terms of a $10 million reward for information leading to their location or identification, according to the now-seized LockBit dark web breach site.

With the exception of sanctions, victims are not prohibited from paying ransoms in the United States. However, the FBI has consistently advised victims against doing so, citing concerns over the potential for hackers to continue cyberattacks. According to security researchers, ransomware victims who acquiesce to the demand for ransom are prone to encountering successive ransomware attacks.

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Add a comment Add a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Uber trying local shop prepaid-item pickup in India

Next Post

MariaDB's possible acquisition agreement reflects the excessive enthusiasm for SPACs in 2021.

Advertisement