A member of the ransomware LockBit affiliate was arrested in the United States

Lockbit ransomware

According to a disclosure by the U.S. Department of Justice, charges have been laid against a Russian national, alleged to have deployed the Lockbit ransomware in regions spanning across the U.S., Asia, Europe, and Africa.

LockBit, currently one of the most active ransomware, has launched attacks on a vast number of businesses and government entities globally, leading to incalculable financial losses.

The alleged offender, Ruslan Magomedovich Astamirov, a mere 20 years old and a resident of the Chechen Republic, an affiliate of Russia, has been apprehended by U.S. authorities.

Astamirov allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit wire fraud and to intentionally damage protected computers and make ransom demands through the use and deployment of ransomware,” US DOJ said.

Astamirov’s principal responsibilities involved managing an array of email addresses, IP addresses, and other online accounts, subsequently contacting victims and coaxing them into paying ransoms in cryptocurrency.

Astamirov’s arrest was facilitated by the FBI tracking a cryptocurrency address registered in his name. His real information was successfully discovered when he conducted a transaction, leading to his effortless arrest in Arizona, where he was active.

The notorious LockBit ransomware operates a double extortion scheme, initially infiltrating the internal network of a business to collect and transmit data to a hacker-controlled server, followed by encrypting all files.

Should the victims decide to restore their data from backups instead of paying the ransom, LockBit operators threaten to publicize all the data, thereby coercing enterprises into paying the ransom.

Worth mentioning, Astamirov is the third criminal associated with LockBit to be apprehended, albeit a minor player. The central figures remain elusive to the hand of justice.