DOJ Offers $10 Million Reward for Info on Alleged Russian Ransomware Hacker

Mikhail Pavlovich Matveev has been charged for his alleged role in cyberattacks against law enforcement, government agencies, hospitals, and schools.

A Russian national has been charged for his alleged role in cyberattacks against law enforcement, government agencies, hospitals, and schools. The U.S. Department of Justice unsealed two indictments on Tuesday against Mikhail Pavlovich Matveev, who is known online as Wazawaka, claiming he demanded a total of $400 million from his victims and received roughly $200 million in ransom payments.

“From his home base in Russia, Matveev allegedly used multiple ransomware variants to attack critical infrastructure around the world, including hospitals, government agencies, and victims in other sectors,” Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division said in a DOJ press release. “These international crimes demand a coordinated response. We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem.”

Matveev is not believed to have acted alone. According to the release, he was a member of the Lockbit, Babuk, and Hive ransomware gangs, which are “ranked among the most active and destructive cybercriminal threats in the world.” The Babuk gang is said to have deployed ransomware against the Metropolitan Police Department in Washington, D.C. in 2021, infecting the systems with spyware and stealing data to extort the department. The gang threatened to disclose sensitive information unless the MPD paid the ransom. Matveev is also charged with conducting a series of ransomware crimes, including multiple Lockbit attacks against a police department and a nonprofit behavioral healthcare organization in New Jersey.

The attacks began in January 2020, when the Lockbit ransomware group surfaced. Lockbit has since executed more than 1,400 attacks globally and received more than $75 million in ransom payments. Babuk came on the scene in December of that year, carrying out roughly 65 ransomware attacks globally and receiving at least $13 million in payments. Hive was the last of the three groups to begin ransomware attacks, starting in June 2021, affecting an estimated 1,400 victims globally and receiving at least $120 million in ransom payments, according to the DOJ release.

The DOJ is offering a reward of up to $10 million for information that leads to Matveev’s arrest and/or conviction. Matveev is charged with conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. If convicted, he faces more than 20 years in prison.

“Thanks to the extraordinary investigative work of prosecutors from my office and our FBI partners, Matveev no longer hides in the shadows – We have publicly identified his criminal acts and charged him with multiple federal crimes,” New Jersey District Attorney Philip R. Sellinger said in the release. “Let today’s charges be a reminder to cybercriminals everywhere – my office is devoted to combatting cybercrime and will spare no resources in bringing to justice those who use ransomware attacks to target victims.”