Russian national charged in ransomware scam that stole $200M from US citizens, including NJ schools

Tuesday, May 16, 2023
NJ law enforcement, schools hacked in Russian ransomware scheme
A Russian national was charged with using three different ransomware variants to attack numerous victims throughout the U.S.

NEWARK, New Jersey (WABC) -- A Russian national was charged with hacking 2,800 victims and making ransom demands of at least $400 million, according to court documents unsealed by the Justice Department.

The U.S. Justice Department unsealed two indictments charging a Russian national and resident with using three different ransomware variants to attack multiple people in the United States.

Victims of the campaigns paid as much as $200 million, according to the indictments.

The victims range from law enforcement agencies in New Jersey and Washington, D.C., to healthcare and other sectors nationwide.

A police department and a healthcare facility in New Jersey are a couple of the victims -- as well as several school systems across the state.

In June of 2020, he targeted the Passaic Park Police and in May of last year, he went after a non-profit behavioral health organization in Mercer County. He also targeted the Metropolitan Police Department in D.C.

The indictment said that from at least 2020 Mikhail Matveev participated in conspiracies to deploy three ransomware variants.

"Thanks to the extraordinary investigative work of prosecutors from my office and our FBI partners, Matveev no longer hides in the shadows," said U.S. Attorney for the District of New Jersey Philip Sellinger. "We have publicly identified his criminal acts and charged him with multiple federal crimes. Let today's charges be a reminder to cybercriminals everywhere. My office is devoted to combatting cybercrime and will spare no resources in bringing to justice those who use ransomware attacks to target victims."

Those variants are known as LockBit, Babuk and Hive and were allegedly used to attack thousands of people in the U.S. and around the world.

Each of the variants operated in the same general manner: first, the ransomware actors would access vulnerable computer systems, then they would send a note to the victim demanding a payment in exchange for decrypting the victim's data or refraining from sharing it publicly. They would negotiate a price, and often, if the victim didn't pay, the ransomware actor would post the victim's data on a public website, usually called a data leak site.

Matveev went by many pseudonyms including Wazawaka, m1x, Boriselcin and Uhodiransomwar.

He was charged with conspiring to transmit ransom demands, conspiring to damage protected computers and intentionally damaging protected computers.

If convicted, he faces over 20 years in prison.
