
LockBit Boss Identified, Charged And Sanctioned By The US And Partners

Read also: a hacker-for-hire arrested in the UK, the BTC-e mastermind pleads guilty, and more.


Thursday, May 9, 2024

LockBit ransomware boss identified, charged and sanctioned by the US and partners

In a coordinated effort, authorities in the US, UK and Australia, together with Europol, have revealed the identity of the mastermind behind the LockBit ransomware operation. Dmitry Yuryevich Khoroshev, a Russian national operating under the aliases 'LockBitSupp' and 'putincrab', has been named as the key figure behind the notorious cybercriminal group.

Khoroshev has allegedly developed and administered the LockBit ransomware-as-a-service (RaaS) operation since its establishment in 2019, orchestrating attacks on over 2,500 victims across 120 countries. Over the course of the scheme, it is estimated that at least $500 million in ransom payments were extorted from the victims, causing billions in losses. He managed the ransomware's infrastructure, recruited affiliates, and maintained a data leak site. Khoroshev received a significant share of the ransom payments, amassing around $100 million in digital currency.

The US and Australia have imposed sanctions on Khoroshev, including asset freezes and travel bans, and announced a $10 million reward for information leading to his arrest or conviction.

The LockBit operation was disrupted in February 2024 through a global law enforcement effort, resulting in arrests, server seizures, and the shutdown of cryptocurrency accounts. The UK's National Crime Agency played a lead role, seizing infrastructure and obtaining decryption keys, while US authorities indicted two Russian nationals linked to LockBit and other ransomware attacks.


BTC-e mastermind pleads guilty to money laundering

Alexander Vinnik, a Russian national and the suspected boss of BTC-e, has pleaded guilty to conspiracy to commit money laundering linked to his role in operating the cryptocurrency exchange from 2011 to 2017.

According to court documents, Vinnik was one of the key figures behind BTC-e, one of the globe's largest virtual currency exchanges. BTC-e was known as a preferred platform for cybercriminals seeking to transfer and launder proceeds from illicit activities, including ransomware attacks. Notably, BTC-e was linked to the breach of the now-defunct crypto exchange Mt. Gox after it was used to launder some 300,000 bitcoins obtained through the hack. BTC-e was shut down in July 2017.

At about the same time, Vinnik was apprehended by authorities while vacationing in Greece, following an international warrant issued by the US for his involvement in the operation of BTC-e. After the United States, France and Russia requested Vinnik’s extradition to their respective nations, a years-long extradition battle followed.

Eventually, Vinnik was sent to France in 2020, where he received a five-year prison sentence and a fine of €100,000. He was then returned to Greece before finally being sent to the United States to face charges against him.

An Australian man arrested for blackmail over NSW data breach

Australian law enforcement authorities have apprehended a Sydney man in connection with a significant data breach investigation involving the personal information of thousands of residents from New South Wales and the Australian Capital Territory.

The suspect, who was arrested over a data breach at Outabox, an IT provider used by dozens of hospitality venues, is accused of creating a website providing access to Outabox data. The compromised information purportedly included personal details, driver's license scans, signatures, birth dates used for patron sign-ins, and facial recognition data, totaling over 1 million records.

Authorities are still piecing together how the breach occurred. A spokesperson for Outabox said the company is aware of a potential breach of data by an unauthorized third party from a sign-in system used by its customers.

The 46-year-old suspect faces charges of blackmail and has been granted conditional bail, with a court appearance scheduled for June 12, 2024.

A hacker-for-hire arrested in the UK

Amit Forlit, an Israeli private investigator, was arrested at London's Heathrow Airport under an Interpol red notice while attempting to fly to Israel. The arrest, prompted by US authorities, is linked to allegations of cyberespionage.

Forlit is accused of participating in a hack-for-hire scheme with an unnamed US-based PR firm, reportedly paid $20 million to gather intelligence on the Argentinian debt crisis. The US charges against Forlit include conspiracy to commit computer hacking and wire fraud.

Despite extradition attempts, a judge in Westminster Magistrates’ Court dismissed the case due to a legal technicality regarding the timeframe for producing Forlit in court.

Additionally, Forlit faces separate accusations of computer hacking in New York, involving aviation executive Farhad Azima's emails. Forlit previously acknowledged obtaining the victim’s emails but denied the allegations of hacking, claiming that he came upon the emails “on the web.”


Six Austrians arrested in major crypto scam, over €750,000 seized

In a coordinated effort involving law enforcement agencies from Austria, Cyprus, and Czechia, six Austrian nationals have been apprehended for orchestrating an elaborate online cryptocurrency scam that promised lucrative returns to unsuspecting investors.

The scam, spanning from December 2017 to February 2018, involved what appeared to be a legitimate online trading company offering a new cryptocurrency. With an initial coin offering (ICO) amounting to 10 million tokens, or corresponding rights to the new currency, investors were lured in with promises of substantial profits. Payment for these tokens was accepted in cryptocurrencies like Bitcoin or Ethereum.

To lure in victims, the fraudsters claimed to have developed sophisticated software and a unique algorithm specifically tailored for token sales. In February 2018, the perpetrators abruptly closed all social media accounts associated with the project and took down the fake company's website, leading to suspicions of an elaborate exit scam.

Following an investigation, authorities conducted six house searches, resulting in the seizure of over €500,000 in cryptocurrencies and €250,000 in fiat currency. Additionally, dozens of bank accounts were frozen in connection with the scam. Two cars and a luxury property valued at €1.4 million were also confiscated.


Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law.