Thu | May 9, 2024 | 3:35 PM PDT

The U.S. Department of Justice has unsealed charges against a Russian national accused of developing and operating the notorious LockBit ransomware, one of the most destructive and lucrative cybercrime operations in recent years.

Dmitry Yuryevich Khoroshev, 31, of Voronezh, Russia, has been indicted on 26 counts related to his alleged role as the creator and administrator of LockBit ransomware since its inception in September 2019.

"Khoroshev conceived, developed, and administered Lockbit, the most prolific ransomware variant and group in the world, enabling himself and his affiliates to wreak havoc and cause billions of dollars in damage to thousands of victims around the globe," said Philip R. Sellinger, U.S. Attorney for the District of New Jersey.

According to the indictment, LockBit compromised more than 2,500 victims across at least 120 countries, including 1,800 in the United States alone. Victims spanned individuals, businesses, hospitals, schools, government agencies, and critical infrastructure providers. Khoroshev and his co-conspirators are alleged to have extracted at least $500 million in ransoms while inflicting billions more in losses.

Operating under hacker aliases like "LockBitSupp" and "putinkrab," Khoroshev designed LockBit as a ransomware-as-a-service scheme. He developed the malware, recruited affiliates to deploy it, and took a 20% cut of any ransom payments—personally netting more than $100 million, according to prosecutors.

The charges paint LockBit as a remarkably brazen and destructive cybercrime cartel. Even after victims paid ransoms, Khoroshev retained copies of their stolen data. 

After targeting Boeing in an October 2023 ransomware attack, LockBit demanded a $200 million extortion payment, according to reporting from CyberScoop.

[RELATED: LockBit Bounces Back Shortly After Takedown and Police Trolling]

Following February's law enforcement disruption, Khoroshev contacted authorities offering to identify competitor hackers in exchange for his services.

The State Department is offering a $10 million bounty for information leading to Khoroshev's arrest. Alongside OFAC sanctions freezing his assets, these actions represent a sweeping crackdown on the alleged LockBit kingpin and his far-reaching enterprise.

As U.S. Deputy Attorney General Lisa Monaco stated, "We are using all our tools to hold ransomware actors accountable." If convicted on all charges, Khoroshev faces up to 185 years in prison.

Whether he is apprehended remains to be seen, but the indictment signals that ransomware threat actors like LockBit are firmly in the crosshairs of U.S. law enforcement.

Follow SecureWorld News for more stories related to cybersecurity.

Comments