A 20-year-old Russian national, Ruslan Magomedovich Astamirov, has been charged by the U.S. Department of Justice for his alleged involvement in carrying out at least four LockBit ransomware attacks against multiple businesses globally.
The charges, filed by the U.S. Justice Department, accuse Astamirov of wire fraud, intentionally damaging protected computers, and transmitting extortionate ransom demands. Specifically, he is alleged to have owned various email addresses, IP addresses, and other online accounts that were used to deploy the LockBit malware and communicate with victims. Investigators also managed to trace part of a ransom payment from one victim to a cryptocurrency wallet controlled by Astamirov.
Astamirov has allegedly employed a variety of online accounts, including email addresses and IP addresses, to deploy the LockBit ransomware and communicate with his victims. Additionally, a portion of a ransom payment from a victim was traced to a virtual currency address allegedly controlled by Astamirov.
If convicted, Astamirov faces up to 25 years in prison – 20 years for wire fraud and 5 years for damaging computers/ransom demands. He also faces up to $500,000 in fines, equal to twice the amount gained or lost due to his alleged criminal activities. The severity of the penalties reflects the increasing threat ransomware poses to businesses and government agencies around the world.