DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Ransomware Charges Unsealed Against Russian National in District of Columbia

Posted on May 16, 2023 by Dissent

WASHINGTON – An indictment was unsealed today in the District of Columbia charging a Russian national with participating in a global ransomware campaign which deployed ransomware variants against victims in the District of Columbia, the United States, and around the world. Mikhail Pavlovich Matveev, alleged to use the online monikers Wazawaka, m1x, Broriscelcin, and Uhodiransomwar, 30, of Kaliningrad, Russia, is charged with intentional damage to a protected computer and threats relating to a protected computer.

The charges were announced by U.S. Attorney for the District of Columbia Matthew M. Graves, Special Agent in Charge James Dennehy, of the FBI’s Newark Field Office,

“Data theft and extortion attempts by ransomware groups are corrosive, cynical attacks on key institutions and the good people behind them as they go about their business and serve the public,” said U.S. Attorney Graves. “Whether these criminals target law enforcement, other government agencies, or private companies like health care providers, we will use every tool at our disposal to prosecute and punish such offenses.  Thanks to exceptional work by our partners here, we identified and charged this culprit.”

“We want the indictment, sanctions and reward for Mikhail Matveev to sound an alarm in the ranks of cyber criminals all over the world,” said SAC Dennehy. “The FBI and our law enforcement partners, as well as our international partners, are coming after you. These malicious actors believe they can operate with impunity – and don’t fear getting caught because they sit in a country where they feel safe and protected. That may be the case now, but the safe harbor may not exist forever. When we have an opportunity, we will do everything in our power to bring Matveev and his ilk to justice.”

According to the indictment, from as early as 2020, Matveev was an active member of Babuk, a global ransomware campaign which ranked among the most active and destructive cybercriminal threats in the world. Specifically, on April 26, 2021, the Babuk conspirators deployed Babuk ransomware against the Metropolitan Police Department in Washington, D.C. and then threatened to disclose sensitive information to the public unless a payment was made.  As part of the ransomware conspiracy which attacked MPD, Matveev allegedly intentionally infected MPD’s computer systems with Babuk ransomware, stole data, and then attempted to extort MPD, threatening disclosure of sensitive information unless payment was made. The actions caused at least $5,000 in losses to MPD.

Matveev is also charged with a series of similar crimes in an indictment filed in the District of New Jersey.

Intentional damage to a protected computer carries a statutory maximum of 10 years in prison. Threats relating to a protected computer carries a statutory maximum of 10 years in prison. The charges also carry potential financial penalties. The maximum statutory sentence for federal offenses is prescribed by Congress and is provided here for informational purposes. The sentencing will be determined by the court based on the advisory Sentencing Guidelines and other statutory factors.

This case is being investigated by the FBI’s Newark Field Office with assistance from the FBI’s Washington Field Office, and the Metropolitan Police Department. As part of a broader investigation involving charges in the District of New Jersey, assistance was provided by New Jersey State Police, Newark IRS Criminal Investigation, and the International partners from European Cyber Crime Centre of Europol, National Police Agency of Japan, Gendarmerie Nationale Cyberspace Command of France, National Crime Agency and South West Regional Organized Crime Unit of the United Kingdom, Kantonspolizei Zürich of Switzerland, High-Tech Crime Unit of the Dutch Police Services Agency of the Netherlands, Bundeskriminalamt and Landeskriminalamt of Germany, Mossos d’Esquadra Police Department of Spain, Norwegian Police Service of Norway and Swedish Police Authority of Sweden.

This case is being prosecuted by Assistant U.S. Attorneys Elizabeth Aloi of the U.S. Attorney’s Office for the District of Columbia, and Trial Attorney Ben Proctor of the Justice Department’s Computer Crime and Intellectual Property Section.

An indictment is merely an allegation, and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Source: U.S. Attorney’s Office, District of Columbia

Unsealed indictment in New Jersey: https://www.justice.gov/d9/2023-05/matveev.indictment.pdf

Unsealed indictment in D.C.: https://www.justice.gov/usao-dc/press-release/file/1583786/download

Category: Commentaries and AnalysesGovernment SectorMalwareOf NoteU.S.

Post navigation

← Insured companies more likely to be ransomware victims, sometimes more than once
Justice Department Announces Five Cases as Part of Recently Launched Disruptive Technology Strike Force →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.