Dmitry Yuryevich Khoroshev was accused of developing malware, recruiting hackers and supervising its operation for a criminal group called LockBit, which was called by experts as the most prolific ransomware gang in the world. Us treasury CNN Dmitry Yuryevich Khoroshev was accused of developing malware, recruiting hackers and supervising its operation for a criminal group called LockBit, which was called by experts as the most prolific ransomware gang in the world.
According to the indictment published in New Jersey, the victims of the organization include hospitals, schools and law enforcement agencies, and hackers have caused "wider losses and billions of dollars in damage". People associated with LockBit claimed responsibility for the ransomware attack in November, which forced Capital Health in New Jersey to cancel some patient appointments and was responsible for the ransomware attacks in Industrial and Commercial Bank of China and Fulton County.
Philip Sellinger, the U.S. attorney in New Jersey, said in a statement that Horoshev "personally embezzled 0 million", equivalent to one-fifth of Hurlock's extortion fee.
Khoroshev was accused of conspiracy to defraud, extortion and telecommunication fraud. CNN tried to contact him for comment.
American officials did not disclose Khoroshev's hiding place, but the State Council offered a reward of million for information on his arrest. The US Treasury Department said in a statement on Tuesday that Russia "continues to provide a safe haven for cyber criminals". Moscow denied the accusation.
In 2021, President Joe Biden urged Russian President Vladimir Putin to crack down on extortion gangs that attacked American infrastructure from Russian territory. However, any faint hope of substantive cooperation between Washington and Moscow on the issue of cyber crime became dim with Russia's full-scale invasion of Ukraine the following year.
Despite the severe crackdown by law enforcement agencies, ransomware continues to cause damage to American enterprises, government agencies and schools of all sizes. Over the weekend, the computer system in Wichita, Kansas was attacked by ransomware, which made it impossible for residents to check their water bills online and caused the departure and arrival screens of the airport to malfunction.
Khoroshev's lawsuit is the latest turning point in the duel that lasted for months. Law enforcement agencies have seized the computer servers used by LockBit, and hackers have claimed to move to other infrastructure.
The US Federal Bureau of Investigation and the National Crime Agency (NCA) said in February this year that they have developed a software that allows "hundreds" of victims around the world to decrypt computers locked by hackers. Hackers try to downplay the damage to their operations, but the continuous efforts to destroy LockBit seem to have an impact.
Impose cognitive fear
The Lockerbie case is remarkable because law enforcement officials in the United States and Europe are using the psychological tactics of hackers to deal with them, which is one of the more active public efforts to spread distrust among cyber criminal groups.
Ransom software groups, including LockBit, use ticking clocks on websites to blackmail victims. If the time is up and they haven't been paid by cryptocurrency, hackers will reveal the data stolen from the victims.
In this case, the FBI, NCA and other law enforcement agencies have used Lockbit's own website to ridicule its members and set up a countdown clock, promising to expose Lockbit's leader.
"It is our real concern to impose cognitive fear on their lives," Tim Court, a senior NCA official involved in the Lockerbie case, said at an event hosted by the Institute for Security and Technology last month.
"These are untested individuals in criminal groups," the court said. He believes that Lockerbie members have no "ideological motivation to bear great pressure". They hide behind the screen. They are usually anonymous. They make a lot of money. "
The court said that the infiltration of Lockerbie Company lasted for two years.
Jon DiMaggio, chief security strategist of Analyst1, a network security company that closely studies LockBit, said that NCA completely destroyed LockBit's infrastructure, so that they could access the latest version of ransomware that hackers were preparing to release.