A notorious Russian cybercriminal, Mikhail Pavlovich Matveev, wanted by U.S. authorities for his involvement in the LockBit and Hive ransomware operations, has been arrested in Russia. The arrest marks a significant development in the fight against cybercrime, with Matveev facing multiple charges related to ransomware attacks that targeted victims worldwide.
According to Russian media outlet RIA Novosti, Matveev is accused of creating a malicious program designed to encrypt files and demand a ransom for a decryption key. The Russian Ministry of Internal Affairs has confirmed that sufficient evidence has been gathered against him, and the criminal case has been sent to the Central District Court of Kaliningrad for further consideration.
Matveev has been charged under Part 1 of Article 273 of the Russian Criminal Code for creating, using, and distributing malicious computer programs capable of causing damage, blocking, modifying, or copying computer information. He faces serious charges in connection with his role in ransomware operations that have affected thousands of victims globally.
In May 2023, the U.S. government formally indicted Matveev for orchestrating widespread ransomware attacks through the LockBit and Hive ransomware groups. Known by several online aliases, including Wazawaka, m1x, Boriselcin, Uhodiransomwar, and Orange, Matveev was placed on the U.S. Treasury’s sanctions list, and a reward of up to $10 million was offered for any information leading to his arrest or conviction.
Matveev’s criminal activities were reportedly supported by his public statements claiming that local authorities in Russia tolerated his actions as long as he remained loyal to the country. A report from Swiss cybersecurity firm PRODAFT further revealed that Matveev led a team of six penetration testers in executing these ransomware attacks.
In addition to his affiliation with major ransomware groups like Conti, LockBit, Hive, Trigona, and NoEscape, Matveev previously held a managerial role in the Babuk ransomware group until early 2022. He is also suspected of having ties to the notorious Russian cybercrime group Evil Corp.
Matveev’s arrest comes just over a month after four members of the now-defunct REvil ransomware operation were sentenced to prison in Russia on hacking and money laundering charges. This development highlights the ongoing global effort to tackle ransomware and cybercriminal networks.