DataBreaches.Net


Ransomware Charges Unsealed Against Russian National in District of Columbia

Posted on May 16, 2023 by Dissent

WASHINGTON – An indictment was unsealed today in the District of Columbia charging a Russian national with participating in a global ransomware campaign which deployed ransomware variants against victims in the District of Columbia, the United States, and around the world. Mikhail Pavlovich Matveev, alleged to use the online monikers Wazawaka, m1x, Broriscelcin, and Uhodiransomwar, 30, of Kaliningrad, Russia, is charged with intentional damage to a protected computer and threats relating to a protected computer.

The charges were announced by U.S. Attorney for the District of Columbia Matthew M. Graves, Special Agent in Charge James Dennehy, of the FBI’s Newark Field Office,

“Data theft and extortion attempts by ransomware groups are corrosive, cynical attacks on key institutions and the good people behind them as they go about their business and serve the public,” said U.S. Attorney Graves. “Whether these criminals target law enforcement, other government agencies, or private companies like health care providers, we will use every tool at our disposal to prosecute and punish such offenses. Thanks to exceptional work by our partners here, we identified and charged this culprit.”

“We want the indictment, sanctions and reward for Mikhail Matveev to sound an alarm in the ranks of cyber criminals all over the world,” said SAC Dennehy. “The FBI and our law enforcement partners, as well as our international partners, are coming after you. These malicious actors believe they can operate with impunity – and don’t fear getting caught because they sit in a country where they feel safe and protected. That may be the case now, but the safe harbor may not exist forever. When we have an opportunity, we will do everything in our power to bring Matveev and his ilk to justice.”

According to the indictment, from as early as 2020, Matveev was an active member of Babuk, a global ransomware campaign which ranked among the most active and destructive cybercriminal threats in the world. Specifically, on April 26, 2021, the Babuk conspirators deployed Babuk ransomware against the Metropolitan Police Department in Washington, D.C. and then threatened to disclose sensitive information to the public unless a payment was made. As part of the ransomware conspiracy which attacked MPD, Matveev allegedly intentionally infected MPD’s computer systems with Babuk ransomware, stole data, and then attempted to extort MPD, threatening disclosure of sensitive information unless payment was made. The actions caused at least $5,000 in losses to MPD.

Matveev is also charged with a series of similar crimes in an indictment filed in the District of New Jersey.

Intentional damage to a protected computer carries a statutory maximum of 10 years in prison. Threats relating to a protected computer carries a statutory maximum of 10 years in prison. The charges also carry potential financial penalties. The maximum statutory sentence for federal offenses is prescribed by Congress and is provided here for informational purposes. The sentencing will be determined by the court based on the advisory Sentencing Guidelines and other statutory factors.

This case is being investigated by the FBI’s Newark Field Office with assistance from the FBI’s Washington Field Office, and the Metropolitan Police Department. As part of a broader investigation involving charges in the District of New Jersey, assistance was provided by New Jersey State Police, Newark IRS Criminal Investigation, and the International partners from European Cyber Crime Centre of Europol, National Police Agency of Japan, Gendarmerie Nationale Cyberspace Command of France, National Crime Agency and South West Regional Organized Crime Unit of the United Kingdom, Kantonspolizei Zürich of Switzerland, High-Tech Crime Unit of the Dutch Police Services Agency of the Netherlands, Bundeskriminalamt and Landeskriminalamt of Germany, Mossos d’Esquadra Police Department of Spain, Norwegian Police Service of Norway and Swedish Police Authority of Sweden.

This case is being prosecuted by Assistant U.S. Attorneys Elizabeth Aloi of the U.S. Attorney’s Office for the District of Columbia, and Trial Attorney Ben Proctor of the Justice Department’s Computer Crime and Intellectual Property Section.

An indictment is merely an allegation, and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Source: U.S. Attorney’s Office, District of Columbia

Unsealed indictment in New Jersey: https://www.justice.gov/d9/2023-05/matveev.indictment.pdf

Unsealed indictment in D.C.: https://www.justice.gov/usao-dc/press-release/file/1583786/download

