U.S. Charges Developer Of LockBit For Billions In Ransomware Damages

The U.S. Department of Justice (DoJ) on Friday charged a dual Russian and Israeli national for his role as a software developer in the notorious LockBit ransomware group that targeted thousands of victims around the world, including hospitals.

Rostislav Panev, 51, was arrested in Israel in August this year, pursuant to a U.S. provisional arrest request with the intent of extradition to the United States, the department said.

Panev is currently in custody in Israel and is awaiting extradition to the United States.

Panev is accused of serving as a developer of the LockBit ransomware group from its inception in or around 2019 through at least February 2024.

During this period, the LockBit group became the most active and destructive ransomware group in the world, targeting more than 2,500 victims across 120 countries, including 1,800 in the United States, the U.S. DoJ said.

The victims of the LockBit group comprised individuals, small businesses, and multinational corporations, including hospitals, schools, non-profit organizations, critical infrastructure, and government and law-enforcement agencies.

Further, LockBitโ€™s members managed to extract at least $500 million in ransom payments from their victims and caused billions of dollars in damages.

According to the complaint, Panev is accused of designing the LockBit malware code and maintaining the infrastructure on which LockBit operated.

At the time of Panevโ€™s arrest in Israel in August, law enforcement agencies found that he had administrator credentials for an online repository hosted on the dark web that stored source code for multiple versions of the LockBit builder, which were used by the affiliates to create custom builds of the ransomware.

Additionally, the source code for LockBitโ€™s StealBit tool that helped its affiliates exfiltrate data stolen through the attack and access credentials for the LockBit control panel were also discovered by the law enforcement agencies on that repository.

Panev is also accused of communicating directly through a cybercriminal forum with LockBitโ€™s primary administrator, Dmitry Yuryevich Khoroshev, also known as known as โ€œLockBitSuppโ€, where they discussed work needed to be done on the LockBit builder and control panel.

Between June 2022 and February 2024, Panev received cryptocurrency transfers of approximately $10,000 per month for his services from LockBitโ€™s administrator, totaling over $230,000.

โ€œAmong the work that Panev admitted to having completed for the LockBit group was the development of code to disable antivirus software; to deploy malware to multiple computers connected to a victim network; and to print the LockBit ransom note to all printers connected to a victim network,โ€ read the DoJ news release.

โ€œPanev also admitted to having written and maintained LockBit malware code and to having provided technical guidance to the LockBit group.โ€

According to defense attorney Sharon Nahari, Panevโ€™s lawyer, he developed tools for the group without being aware of how the software would ultimately be used.

โ€œMy client is a computer technician. His role was strictly limited to software development, and he was neither aware of nor involved in the primary offenses he has been accused of, including fraud, extortion, and money laundering,โ€ Nahari said.

As part of the FBIโ€™s ongoing efforts to disrupt and dismantle the LockBit ransomware group, the Justice Department has charged seven key group members in the U.S. Three defendants, including Panev, have been arrested.

โ€œThe arrest of Mr. Panev reflects the Department’s commitment to using all its tools to combat the ransomware threat. We started this year with a coordinated international disruption of LockBit โ€” the most damaging ransomware group in the world. Fast forward to today and three LockBit actors are in custody thanks to the diligence of our investigators and our strong partnerships around the world. This case is a model for ransomware investigations in the years to come,โ€ said U.S. Deputy Attorney General Lisa Monaco.

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!
spot_img

Read More

Suggested Post