39° and Overcast
Russian National Arrested for Major LockBit Ransomware Attacks Against International Businesses
20-year-old Ruslan Magomedovich Astamirov is the third defendant charged in the global LockBit ransomware campaign, implicating over $100 million in ransom demands.
NEWARK, NJ - The U.S. Justice Department has charged a Russian national, Ruslan Magomedovich Astamirov, for his involvement in numerous cyberattacks, including the deployment of the LockBit ransomware against computer systems across the United States, Asia, Europe, and Africa.
Astamirov, a 20-year-old resident of the Chechen Republic in Russia, is accused of conspiring to commit wire fraud and intentionally damage protected computers to transmit ransom demands. His arrest in Arizona marks the third defendant charged by the U.S. Attorney's Office in the global LockBit ransomware campaign and the second to be apprehended.
"The LockBit conspirators and any other ransomware perpetrators cannot hide behind imagined online anonymity. We will continue to work tirelessly with all our law enforcement partners to identify ransomware perpetrators and bring them to justice,” U.S. Attorney Sellinger stated.
Documents filed in this case reveal that the LockBit ransomware variant first appeared around January 2020. The cybercriminals behind LockBit have executed over 1,400 attacks globally, leading to over $100 million in ransom demands. Victims have reportedly paid tens of millions of dollars in bitcoin to the attackers.
Astamirov's arrest follows charges related to LockBit in two other cases from the District of New Jersey. In November 2022, the department announced criminal charges against Mikhail Vasiliev, who is currently in custody in Canada awaiting extradition to the United States. In May 2023, the department announced the indictment of Mikhail Pavlovich Matveev for his alleged participation in separate conspiracies to deploy LockBit, Babuk, and Hive ransomware variants against victims in the United States and abroad.
Astamirov faces a maximum sentence of five years in prison for conspiring to intentionally damage protected computers and transmit ransom demands, and a maximum of 20 years for conspiring to commit wire fraud. Both charges carry a maximum fine of either $250,000 or twice the gain or loss from the offense, whichever is higher.
Investigation into the case is being conducted by the FBI Newark Field Office’s Cyber Crimes Task Force and an array of international law enforcement agencies.
It's important to note that the charges and allegations contained in the complaint are merely accusations, and the defendant is presumed innocent unless and until proven guilty.
