U.S. Law Enforcement Arrests Russian National for Role in LockBit Ransomware Attacks

• Ruslan Astamirov, a 20-year-old Russian national, has been arrested and charged by U.S. law enforcement for his alleged involvement in executing at least five attacks using the notorious LockBit ransomware, targeting victims across the U.S., Asia, Europe, and Africa from August 2020 to March 2023.
• If convicted, Astamirov could face up to 20 years in prison and a maximum fine of either $250,000, or double the financial gain or loss from the crime, whichever is higher. This marks a continued effort by U.S. law enforcement to disrupt cybercrime operations worldwide.

The US Department of Justice (DoJ) has announced the arrest of a Russian national accused of participating in cyber-attacks using the LockBit ransomware. Ruslan Magomedovich Astamirov, a 20-year-old from the Chechen Republic, allegedly targeted computer systems in the United States, Asia, Europe, and Africa.

This marks the second arrest in six months involving a Russian national linked with the LockBit ransomware. In November last year, Mikhail Vasiliev was apprehended in Canada and is currently awaiting extradition to the U.S. Furthermore, the Justice Department announced the indictment of Mikhail Matveev in May for his alleged involvement in separate plots to deploy LockBit, Babuk, and Hive ransomware variants.

“We will continue to use every tool at our disposal to disrupt cybercrime, and while cybercriminals may continue to run, they ultimately cannot hide

Deputy Attorney General Lisa O. Monaco

Astamirov could face a prison sentence of up to 20 years and a maximum fine of $250,000 or twice the financial gain or loss from his criminal activity, whichever is higher, if convicted.

Deputy Attorney General Lisa O. Monaco declared, “We will continue to use every tool at our disposal to disrupt cybercrime, and while cybercriminals may continue to run, they ultimately cannot hide.”

LockBit

 The LockBit ransomware variant first emerged in January 2020 and is suspected to have ties to Russia. LockBit operators have carried out over 1,400 attacks worldwide, including in the U.S., demanding over $100 million in ransoms. The criminals have already collected tens of millions of dollars in bitcoin ransom payments, as per the criminal complaint.

Earlier this week, cybersecurity agencies worldwide identified the LockBit gang as one of the most significant cybersecurity threats faced by governments and other organizations. In 2022, the group was responsible for 16% of attacks on U.S. public entities, targeting municipal and county governments, public higher education and K-12 schools, and emergency services like law enforcement agencies.