The Justice Department on Tuesday unsealed two indictments charging a Russian national in a “global ransomware campaign,” which, in part, allegedly involved cyberattacks on law enforcement agencies in New Jersey and Washington, D.C., as well as victims in health care and other sectors nationwide.
Mikhail Pavlovich Matveev, 30, of Kaliningrad, Russia, is charged with intentional damage to a protected computer and threats relating to a protected computer.
Each felony offense carries a statutory maximum of 10 years in prison, federal prosecutors said.
Using online monikers Wazawaka, m1x, Broriscelcin and Uhodiransomwar from his home base in Russia, Matveev allegedly participated in conspiracies to deploy three ransomware variants known as LockBit, Babuk and Hive to attack critical infrastructure around the world, including law enforcement, hospitals, government agencies, schools and victims in other sectors.
The Justice Department said the Metropolitan Police Department in Washington, D.C., was targeted by a ransomware attack in August 2021. (Celal Gunes/Anadolu Agency via Getty Images)
“In 2021, Babuk ransomware affiliates attacked the police department of a major U.S. city. The hackers who infiltrated the police department’s computer network stole the home addresses, cellphone numbers, financial data, medical histories and other personal details of police officers, along with sensitive information about gangs, suspects of crimes and witnesses,” the Treasury Department said. “In a public interview, Matveev claimed responsibility for posting the police department’s stolen data online.”
The Treasury’s Office of Foreign Assets Control also announced Tuesday it is designating Matveev for his role in launching cyberattacks against U.S. law enforcement, businesses and critical infrastructure. The Department of State has also announced an award of up to $10 million for information that leads to the apprehension of this defendant.
On April 26, 2021, Babuk conspirators deployed ransomware against the Metropolitan Police Department in Washington, D.C., and then threatened to disclose sensitive information to the public unless a payment was made. As part of that specific attack, Matveev allegedly intentionally infected the police department’s computer systems with Babuk ransomware, stole data and then attempted to extort the department, threatening disclosure of sensitive information unless payment was made.
Matveev is also charged with a series of similar crimes in an indictment filed in the District of New Jersey.
On June 25, 2020, Matveev and his LockBit conspirators allegedly deployed LockBit ransomware against a law enforcement agency in Passaic County, New Jersey. On May 27, 2022, Matveev and Hive coconspirators allegedly deployed Hive against a nonprofit behavioral health care organization headquartered in Mercer County, New Jersey.
The FBI said it is investigating the case with assistance from international partners in France, Japan, the United Kingdom, Switzerland, the Netherlands, Germany, Spain, Norway and Sweden.