The US Justice Department has filed charges against Russian citizen Mikhail Pavlovich Matveev, also known by various aliases, for his involvement in three ransomware operations that targeted victims across the United States.
Matveev’s affiliation with Russia-linked ransomware variants, such as Hive, LockBit, and Babuk, has raised concerns due to their global impact and substantial financial losses.
The charges highlight Matveev’s active targeting of US businesses and critical infrastructure, including law enforcement agencies in New Jersey and Washington, DC. He has also been sanctioned by the Department of the Treasury’s Office of Foreign Assets Control (OFAC) for launching cyberattacks against US entities.
According to the unsealed indictments and a Justice Department press release, Matveev collaborated with multiple ransomware gangs in attacks on healthcare and law enforcement organizations.
These included the deployment of LockBit ransomware on a law enforcement agency’s network in Passaic County, New Jersey, in June 2020, and the use of malicious payloads on the systems of the Metropolitan Police Department in Washington, DC, in April 2021. Additionally, Matveev and members of the Hive ransomware gang allegedly encrypted the systems of a nonprofit behavioral healthcare organization in Mercer County, New Jersey, in May 2022.
The US Department of State has offered a reward of up to $10 million through the Transnational Organized Crime Rewards Program (TOCRP) for any information leading to Matveev’s arrest or conviction for transnational organized crime. The charges against him highlight the significant and far-reaching impacts of ransomware attacks, which cause victims to suffer financial loss, disclosure of sensitive information, and disruptions to critical services.
The US Department of State spokesperson emphasized that Russia has become a safe haven for cybercriminals, enabling them to conduct malicious cyber operations against the US and its allies.