Leader of world's 'most prolific ransomware group' charged in Lockbit case — $10 million reward

7 months ago 31
Chattythat Icon

Dmitry Yuryevich Khoroshev, Russian national and a leader of LockBit.

Courtesy: U.S. Department of the Treasury

Federal prosecutors on Tuesday announced criminal charges against a Russian national, Dimitry Yuryevich Khoroshev, for allegedly creating, developing, and administrating the LockBit ransomware-as-service group.

The U.S. State Department at the same time offered a $10 million reward for information leading to the apprehension and arrest of Khoroshev, a 31-year-old from Voronezh, Russia.

The Treasury Department also imposed sanctions on Khoroshev, blocking all property and interests he holds in the United States or are in the possession of Americans.

The Department of Justice said the Lockbit group led by Khoroshev at times was "the most prolific ransomware group in the world," targeting more than 2,000 victims, most of them in the United States, stealing more than $500 million in ransomware payments, and causing billions of dollars more in broader losses including lost revenue.

LockBit's ransomware-as-service model licensed its software to other cybercriminals in exchange for payments that included a percentage of ransoms paid by victims, who included "individuals, small businesses, multinational corporations, hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies," according to the DOJ.

Khoroshev, who also is known as LockBitSupp, LockBit, and putinkrab, was charged in a 26-count indictment in U.S. District Court in New Jersey, which accuses him of personally pocketing at least $100 million from victims of the group. He typically received 20% of each ransom payment, authorities said.

Read more CNBC politics coverage

The charges, unsealed Tuesday, come three months after law enforcement in the United Kingdom, working with the DOJ, FBI and other international agencies, seized public websites used by LockBit, and seized control of servers used by administrators for the group.

The DOJ said that LockBit infrastructure seized by law enforcement in February showed "that Khoroshev retained copies of data stolen from LockBit victims who had paid the demanded ransom."

Khoroshev is the sixth LockBit member charged with crimes related to the group. One of them, Ruslan Magomedovich Astamirov, is in custody awaiting trial in New Jersey federal court, while another, Mikhail Vasiliev, is in custody in Canada awaiting extradition to the United States.

Khoroshev is charged with conspiracy to commit fraud, extortion, and related activity in connection with computers; conspiracy to commit wire fraud; intentional damage to a protected computer; extortion in relation to confidential information from a protected computer; and extortion in relation to damage to a protected computer.

He faces a maximum possible sentence of 185 years in prison if convicted.

"The LockBit ransomware group represented one of the most prolific ransomware variants across the globe, causing billions of dollars in losses and wreaking havoc on critical infrastructure, including schools and hospitals," said FBI Director Christopher Wray in a statement.

Read Entire Article