US/UK Agencies Identify And Sanctioned LockBit Ransomware Group Leader
The United States government has recently designated Dmitry Yuryevich Khoroshev, a Russian national and a major figure in the LockBit ransomware group, for his role in developing and distributing LockBit ransomware.
This move is the result of a joint effort between the U.S. Department of Justice, the Federal Bureau of Investigation, the United Kingdom’s National Crime Agency, the Australian Federal Police, and other international partners who have come together to address the growing threat of ransomware attacks.
Additionally, the Department of Justice is unsealing an indictment against Khoroshev, and the Department of State is offering a reward of up to $10 million for information leading to his arrest or conviction for participating in, conspiring to participate in, or attempting to participate in, transnational organized crime.
However, according to Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson, “Today’s action reaffirms our commitment to dismantling the ransomware ecosystem and exposing those who seek to conduct these attacks against the United States, our critical infrastructure, and our citizens.”
Moreover, this designation follows several other U.S. government actions against Russian cybercriminals involved in ransomware, including the disruption of LockBit ransomware infrastructure and sanctions against LockBit group affiliates.
LockBit A Force To Reckon With
The LockBit ransomware group is based in Russia and is one of the most active ransomware groups in the world. It is best known for its ransomware variant of the same name. According to the Department of Justice, it has targeted over 2,500 victims worldwide and received over $500 million in ransom payments.
Notably, the repeated search and prize offer actions reflect the commitment of the United States and its allies to a long-term, coordinated, and sustained approach to disrupt and degrade the ransomware ecosystem.
However, despite repeated warnings and calls to action, Russia continues to offer safe harbor for cybercriminals to launch ransomware attacks against the United States and its allies.
Nonetheless, the United States has stressed that Russia must take concrete steps to prevent cybercriminals from operating freely within its jurisdiction. Today’s actions demonstrate the resolve of the United States and its partners to hold accountable those who seek to conduct these attacks against the United States, its critical infrastructure, and its citizens.