Mikhail Pavlovich Matveev, a Russian national known by aliases such as Wazawaka, Uhodiransomwar, m1x, and Boriselcin, has been apprehended in Russia for his alleged connections to several notorious hacking groups. Matveev is accused of developing ransomware aimed at encrypting data from commercial entities to demand a ransom for decryption.

Arrest Details

The Russian Ministry of Internal Affairs confirmed Matveev's arrest, stating that enough evidence had been gathered, and his case has been forwarded to the Central District Court in Kaliningrad. The indictment highlights Matveev's creation of specialized malicious software for ransomware activities.

U.S. Charges and Sanctions

The U.S. Justice Department filed charges against Matveev in May 2023, linking him to the Hive and LockBit ransomware operations that attacked various American targets. Further allegations suggest Matveev, under the alias "Orange," was instrumental in founding the Ramp hacking forum and was initially involved with the Babuk ransomware group.

Timeline

June 2020: LockBit ransomware was deployed against a law enforcement agency in Passaic County, New Jersey.

April 2021: Babuk ransomware targeted the systems of the Metropolitan Police Department in Washington, D.C. 3.

May 2022: Hive ransomware allegedly attacked a nonprofit healthcare organization in Mercer County, New Jersey. Matveev's activities have drawn sanctions from the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) for attacking key U.S. entities, including law enforcement and infrastructure.

Bounty and Public Persona

The U.S. Department of State has announced a reward of up to $10 million for information leading to Matveev's arrest or conviction relating to transnational organized crime activities. Despite facing international charges, Matveev has maintained a public online presence, actively communicating with cybersecurity professionals through his Twitter account, RansomBoris, and even jesting at U.S. law enforcement by displaying his wanted poster on a t-shirt.

The link has been copied!