Two individuals from Russia have confessed in a U.S. court for their involvement as partners in the LockBit ransomware scheme and aiding ransomware assaults globally.
The accused are Ruslan Magomedovich Astamirov, aged 21, from Chechen Republic, and Mikhail Vasiliev, aged 34, a dual Canadian and Russian citizen residing in Bradford, Ontario.
Astamirov got apprehended in Arizona by U.S. law enforcement authorities in May 2023. Vasiliev, who was already sought for similar accusations in Canada, was sentenced to almost four years in confinement. Later, he was extradited to the U.S. the previous month.
The announcement comes approximately more than two months subsequent to the revelation by the U.K. National Crime Agency (NCA) about uncovering a 31-year-old Russian individual named Dmitry Yuryevich Khoroshev as the leader and creator of the LockBit ransomware operation.
LockBit, which is approximated to have targeted over 2,500 organizations ever since its emergence towards the conclusion of 2019, earning at least about $500 million in ransom money from their targets.
Earlier this year, the e-crime group experienced a substantial setback after its online infrastructure was dismantled as part of a coordinated law enforcement mission referred to as Cronos. Nonetheless, the group is still operational.
Vasiliev and Astamirov “initially would detect and illegitimately breach vulnerable computing systems,” as per the U.S. Justice Department expressed. “They would subsequently execute LockBit ransomware on the victim systems and both seize and encrypt stored data.”
“Subsequent to a successful LockBit assault, the affiliates of LockBit would then seek a ransom from the victims in return for decrypting the victims’ data and erasing pilfered data.”
Astamirov (also known as BETTERPAY, offtitan, and Eastfarmer) is reported to have used LockBit against no less than 12 victims from 2020 to 2023, amassing $1.9 million in ransom money from victims located in the U.S. state of Virginia, Japan, France, Scotland, and Kenya.
He has confessed to a collusion in computer fraud and abuse and a conspiracy in wire fraud. These dual charges carry a maximum sentence of 25 years in jail.
Similarly, Vasiliev – under the monikers Ghostrider, Free, Digitalocean90, Digitalocean99, Digitalwaters99, Newwave110 – deployed the ransomware against 12 companies in the U.S. states of New Jersey and Michigan, along with the U.K. and Switzerland.
Vasiliev faces a potential 45-year sentence for offenses linked to a conspiracy to commit computer fraud and abuse, deliberate harm to a safeguarded computer, transmission of a threat regarding harming a safeguarded computer, and a conspiracy in wire fraud.
Both accused persons are scheduled for sentencing on January 8, 2025. Khoroshev was formally accused on 26 charges earlier this May for heading the LockBit operation, although his whereabouts remain unknown.
“There is a prevalent false belief that cyber criminals can evade apprehension by law enforcement because they are more intelligent and astute than us,” remarked James E. Dennehy, FBI special agent overseeing the Newark Field Office.
“The admission of guilt by two members of the LockBit affiliate in U.S. federal court illustrates that we can intercept them and bring them to justice. These malicious wrongdoers think they can engage in illegitimate activities without fear of repercussions – assuming they are safe and shielded in a nation.”
About Author
