Connect with us


U.S. sanctions, indicts Russian national for leading LockBit ransomware group –



The U.S. State Department is offering up to a $10 million reward for information leading to the arrest and conviction of Dmitry Yuryevich Khoroshev, a Russian national and alleged leader of the Russia-based LockBit ransomware group. Photo courtesy of U.S. State Department/Website

May 7 (UPI) — The United States and its allies on Tuesday sanctioned and indicted Dmitry Yuryevich Khoroshev, a Russian national accused of leading the Russia-based LockBit ransomware group that extorted hundreds of millions in ransom payments from victims worldwide.

The Biden administration on Tuesday announced Khoroshev’s sanctions, indictment and a reward of up to $10 million for information leading to his arrest and/or conviction for conspiring and participating in organized transnational crime.

“Today’s action reaffirms our commitment to dismantling the ransomware ecosystem and exposing those who seek to conduct these attacks against the United States, our critical infrastructure and our citizens,” Brian Nelson, undersecretary of the Treasury for Terrorism and Financial Intelligence, said in a press release.

“The United States, in close coordination with our British and Australian partners, will continue to hold accountable the individuals responsible for these disruptive and threatening activities.”

The Department of Justice and FBI collaborated with Britain’s National Crime Agency, Australian Federal Police and other international partners to indict Khoroshev for his alleged organized criminal activities.

Law enforcement officials in Britain and Australia likewise announced respective indictments and sanctions on Khoroshev.

“Together, with our allies, we will continue to crack down on hostile cyber activity, which is destroying livelihoods and business across the world,” Britain’s sanctions minister, Anne-Marie Trevelyan, said in a statement.

“In sanctioning one of the leaders of LockBit we are taking direct action against those who continue to threaten global security, while simultaneously exposing the malicious cyber-criminal activity emanating from Russia.”

The Treasury describes Khoroshev, 31, as a “core LockBit group leader and developer of the LockBit ransomware” who “performed a variety of operational and administrative roles for the cybercrime group” while enriching himself.

The Justice Department said he was the creator, developer and administrator of the LockBit ransomeware group.

LockBit is one of the world’s most active ransomware groups and has targeted more than 2,500 victims around the world while collecting more than $500 million in ransom payments, according to U.S. officials.

The group is accused of infecting the devices of victims with its LockBit malicious software that prevents access to files, system or networks until a ransom is paid.

Khoroshev is accused of being a leader of the cybercriminal organization, with the Treasury stating they operate out of Russia where they enjoy a “safe harbor” to “launch ransomware attacks against the United States and its allies and partners.”

The ransomware attacks include those targeting organizations across many critical infrastructure sectors, including healthcare, emergency services, education and financial services.

The Justice Department on Tuesday said Khoroshev has been charged with committing and conspiring to commit LockBit attacks in a 26-count indictment that was returned by a New Jersey grand jury, and follows the disruption and seizure of LockBit’s technical infrastructure in February.

He is the sixth LockBit member to be charged by the United States.

“Identifying and charging Khoroshev is an immense achievement,” Nicole Argentieri, principal deputy assistant attorney general and head of the criminal division, said in a recorded statement.

“But our work to bring LockBit’s members to justice is not done.”

LockBit at times engaged in what the Treasury calls “double extortion tactics” where the ransomware removes large amounts of data before encrypting the computer systems of its targeted victims and demanding ransom payments.

LockBit also licensed its ransomware technology to other criminal organizations in exchange for a fee, including a percentage of paid ransoms, according to the Treasury.

Continue Reading