Excerpt from The Hacker News Article, Published on May 07, 2024
The U.K. National Crime Agency (NCA) has identified Dmitry Yuryevich Khoroshev, a 31-year-old Russian national, as the mastermind behind the infamous LockBit ransomware operation. Khoroshev, also known by aliases such as LockBitSupp and putinkrab, has been subjected to sanctions by various governmental bodies, including the U.K. Foreign, Commonwealth and Development Office, the U.S. Department of the Treasury’s Office of Foreign Assets Control, and the Australian Department of Foreign Affairs.
Europol has announced that authorities have gained access to more than 2,500 decryption keys and are actively reaching out to LockBit victims to provide assistance. Additionally, Khoroshev now faces asset freezes, travel bans, and a substantial reward of up to $10 million from the U.S. Department of State for information leading to his arrest or conviction. The Department of Justice (DoJ) has unsealed an indictment against Khoroshev, charging him with 26 counts, including conspiracy to commit fraud, extortion, and related computer activities. The charges carry a maximum penalty of 185 years in prison, along with significant monetary penalties.
Khoroshev’s arrest comes as part of a broader crackdown on the LockBit ransomware group, following the dismantling of the operation in February under a coordinated operation named Cronos. LockBit, known for its double extortion tactics and ransomware-as-a-service (RaaS) model, has targeted over 2,500 victims worldwide, amassing over $500 million in ransom payments. Despite attempts to resurface post-takedown, LockBit’s activities have been significantly curtailed. The NCA reported a decrease in active affiliates and noted instances where victims did not receive decryption keys even after paying the ransom.
Khoroshev’s involvement in deploying LockBit against Russian victims has raised eyebrows, shedding light on the extent of the group’s operations. His role as a core leader and developer of LockBit underscores his significant impact on the cybercrime landscape. As law enforcement agencies continue their efforts to dismantle ransomware operations, Khoroshev’s identification marks a significant milestone in the fight against cybercrime. However, the broader implications of LockBit’s activities and the evolving tactics of ransomware groups remain areas of concern for cybersecurity experts worldwide.
To delve deeper into this topic, please read the full article on The Hacker News.