A Russian national has been arrested in Arizona and charged in connection to LockBit ransomware and other cyberattacks conducted on targets in the United States, Europe, Asia, and Africa since 2020. Magomedovich Astamirov, 20, of the Chechen Republic in Russia, is alleged to have conducted at least 5 LockBit ransomware attacks in the United States and other countries as an affiliate of the LockBit ransomware-as-a-service (RaaS) operation. LockBit is currently the most widely used ransomware variant and has been used to extort around $91 million from U.S. organizations since 2020.
According to the Department of Justice, from at least August 2020, Astamirov conspired with other members of the LockBit RaaS operation to intentionally damage protected computers, commit wire fraud, and deploy ransomware to extort money from companies. HE is accused of directly executing at least 5 attacks on targets in the United States and abroad. Astamirov owned, controlled, and used a variety of email addresses, IP addresses, and other online provider accounts to deploy the ransomware and communicate with his co-conspirators and victims. In one of the attacks, law enforcement successfully traced a payment from a victim to an account under Astamirov’s control.
Astamirov has been charged with conspiracy to commit wire fraud and conspiracy to intentionally damage protected computers and to transmit ransom demands. Astamirov faces a maximum jail term of 20 years for the conspiracy to commit wire fraud charge and a maximum penalty of 5 years in jail for the intentionally damaging protected computers charge. In addition, each charge carries a maximum fine of $250,000 or twice the gain or loss from the offense, whichever is greater.
Astamirov is the third alleged LocBit affiliate to be charged in connection with the attacks in the United States, and the second LockBit affiliate to be arrested. The other two individuals are dual Russian and Canadian national, Mikhail Vasilev, who is currently in custody in Canada and awaiting extradition to the United States to face the charges, and Mikhail Pavlovich Matreev, who is still at large and has been accused of conducting LockBit, Babuk, and Hive ransomware attacks on targets in the United States.
Get the FREE
HIPAA Compliance Checklist
Delivered via email so please ensure you enter your email address correctly.
Your Privacy Respected
“The FBI is committed to pursuing ransomware actors like Astamirov, who have exploited vulnerable cyber ecosystems and harmed victims,” said FBI Deputy Director Paul Abbate. “We, in collaboration with our federal and international partners, are fully committed to the permanent dismantlement of these types of ransomware campaigns that intentionally target people and our private sector partners. We will continue to leverage every resource to prevent this type of malicious, criminal activity.”