LockBit affiliate ‘Beverley’ is Evil Corp’s Aleksandr Ryzhenkov

As posted by Operation Cronos today:

Aleksandr Ryzhenkov DOB 26/05/1993 has been unmasked by the NCA as the specific member of Evil Corp who is a LockBit affiliate. Ryzhenkov used the affiliate name Beverley, made over 60 LockBit ransomware builds and sought to extort at least $100 million from victims in ransom demands. Ryzhenkov additionally has been linked to the alias mx1r and associated with UNC2165 (an evolution of Evil Corp affiliated actors).

The United Kingdom FCDO, United States OFAC and Australian DFAT also sanctioned Ryzhenkov for his involvement in Evil Corp.

Thanks to the data obtained through Operation Cronos we made this link. We will continue to exploit this data until we have identified many more of you.

Separately, the United States Department of Justice today unsealed a 2023 indictment for Ryzhenkov’s role in BitPaymer ransomware.

TX: Kaufman County Faces Cybersecurity Attack: Courthouse Computer Operations Disrupted
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach
Cyber-Attack On Bectu’s Parent Union Sparks UK National Security Concerns
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm
Romanian prisoner hacks prison IT system in plot made for a Netflix movie
UK: 'Catastrophic' attack as Russians hack files on EIGHT MoD bases and post them on the dark web

Related: