Sergiu Gatlan reports:
Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hacking groups.
While the prosecutor’s office has yet to release any details on the individual’s identity (described as a “programmer” in court documents), the individual is Matveev, according to an anonymous source of the Russian state-owned news agency RIA Novosti.
Read more at BleepingComputer.
In 2023, in an online interview with TechCrunch, Matveev described his reaction to being put on the FBI’s most wanted list:
“We are Russian people, we are not afraid of the American government,” Matveev told TechCrunch in an online interview. “My life has changed for the better after the sanctions, I don’t feel them on me, as well as sanctions are a plus for my security, so sanctions help us.”
In an interview where he answered both in English and in Russian, Matveev said that being sanctioned means Russia will not deport him.
Well, maybe Russia won’t deport him, but he may be facing years in a penal colony under harsh conditions.
Why did Russian arrest him now? What have they arrested him at all? Why are alleged members of REvil who thought they would be immune now awaiting sentencing? Russian threat actors have always reported feeling somewhat safe from law enforcement at home and abroad — as long as they stayed in Russia and never attacked Russian or CIS entities.
So what is Russia doing and why?