Security News > 2023 > May > Russian ransomware affiliate charged with attacks on critical infrastructure
The U.S. Justice Department has filed charges against a Russian citizen named Mikhail Pavlovich Matveev for involvement in three ransomware operations that targeted victims across the United States.
"Matveev is responsible for multiple ransomware variants as an affiliate and has actively targeted U.S. businesses and critical infrastructure," FBI Special Agent James E. Dennehy said in a press conference today.
"The attacks on critical infrastructure involved two law enforcement agencies, the Prospect Park Police Department, here in New Jersey, and the Metropolitan Police Department in Washington DC.".
Mikhail Matveev was also sanctioned by the Department of the Treasury's Office of Foreign Assets Control for launching cyberattacks against U.S. entities, including U.S. critical infrastructure organizations and law enforcement.
In June 2020, Matveev and LockBit coconspirators allegedly deployed LockBit ransomware on the network of a law enforcement agency in Passaic County, New Jersey.
In April 2021, the defendant and Babuk ransomware coconspirators allegedly deployed malicious payloads on the systems of the Metropolitan Police Department in Washington, D.C. In May 2022, Matveev and Hive ransomware gang members allegedly encrypted the systems of a nonprofit behavioral healthcare organization headquartered in Mercer County, New Jersey.
News URL
Related news
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)