In a significant move against cybercrime, the US Department of Justice (DOJ) has announced charges against Dmitry Yuryevich Khoroshev, a Russian national, for his alleged role in operating the notorious LockBit ransomware. The charges, which were unveiled on Tuesday, detail Khoroshev’s involvement from the inception of LockBit in September 2019, highlighting his key role in developing and managing the ransomware.
According to the DOJ, LockBit has quickly ascended to become one of the most damaging ransomware groups worldwide under Khoroshev’s guidance. The group’s activities have reportedly impacted over 2,500 targets across at least 120 countries, amassing ransom payments that exceed US$500 million. LockBit’s modus operandi involves a ransomware-as-a-service model, which allows other criminals to lease or purchase the ransomware to launch their own attacks. This model has facilitated numerous high-profile cyberattacks, including those on the UK’s Royal Mail, a children’s hospital, and the small town of St. Marys in Ontario, Canada.
Earlier this year, in a coordinated effort, US and UK authorities managed to seize the servers and websites central to LockBit’s operations. They also captured crucial decryption keys, providing relief to numerous affected organisations by enabling them to restore access to their encrypted data. This operation marked a major blow to LockBit, culminating in the arrest and charging of two other key players in the group, Artur Sungatov and Ivan Kondratyev, who are currently awaiting trial in the US.
The indictment and consequences
The indictment reveals that Khoroshev allegedly retained a 20% cut from each ransom collected, and shockingly, he continued to store victims’ stolen data even after payments were made, despite promises to delete it. This breach of trust has led to further scrutiny and charges against him. Khoroshev now faces 26 charges, including conspiracy to commit fraud and multiple counts of extortion. If convicted, he could face up to 185 years in prison. Additionally, the DOJ has issued a US$10 million reward for information leading to Khoroshev’s capture, underscoring the seriousness with which it views this case.
US Attorney Philip R. Sellinger stated, “Today’s indictment marks a significant milestone in our ongoing efforts to dismantle the LockBit network. This case highlights our commitment to holding cyber criminals accountable, no matter where they operate.”
This case represents a critical juncture in the fight against global cybercrime, particularly ransomware, which continues to pose a significant threat to international security and economic stability.
