A Russian national pegged as the mastermind behind a ransomware group that coerced at least $500 million from its victims was indicted Tuesday by a federal grand jury.
The Department of Justice said Dimitry Yuryevich Khoroshev, 31, of Voronezh, Russia, was charged with various fraud and extortion offenses in a 26-count indictment over his alleged role as the creator, developer and administrator of the LockBit ransomware group.
The defendant is not in U.S. custody. His last known whereabouts are in Russia.
Mr. Khoroshev, whom authorities said was running the criminal hacking organization under the moniker “LockBitSupp,” is accused of compelling victims such as Boeing, the U.K.’s Royal Mail postal service and the court system in Fulton County, Georgia, to pay ransoms since it was founded in 2019.
LockBit was at one point targeting hundreds of companies a month in ransomware attacks — when hackers infect a device with malware and prevent people from using it or accessing its data.
The disruptive program is only removed when the hackers are paid off. Those who refuse to pay are threatened with having their confidential data leaked on the internet.
“As part of our unrelenting efforts to dismantle ransomware groups and protect victims, the Justice Department has brought over two dozen criminal charges against the administrator of LockBit, one of the world’s most dangerous ransomware organizations,” Deputy Attorney General Lisa Monaco said in a press release. “Working with U.S. and international partners, we are using all our tools to hold ransomware actors accountable — and we continue to encourage victims to report cyberattacks to the FBI when they happen. Reporting an attack could make all the difference in preventing the next one.”
The U.K.’s National Crime Agency first tied Mr. Khoroshev to LockBit in February when it infiltrated the ransomware group’s web infrastructure.
U.K. officials arrested a number of people and shut down the criminal group’s servers, according to Wired Magazine. The operation largely ended LockBit’s relentless hacks.
U.S. prosecutors said Mr. Khoroshev ran LockBit as a “ransomware-as-a-service” model.
He designed the code used in the attacks and recruited other people to go after their preferred targets, according to the DOJ. Mr. Khoroshev would get a 20% cut from the digital heist, while also maintaining a public website that hosted all the private data for those who didn’t pay up.
Prosecutors said Mr. Khoroshev personally made off with about $100 million throughout the lifetime of the scheme.
The seizure by U.K. authorities earlier this year also revealed that the defendant kept data from victims who did pay the ransom, despite promises to delete it if payments were made.
The DOJ said Mr. Khoroshev discussed cooperating with law enforcement after the February crackdown in exchange for sharing the identities of his ransomware-as-a-service competitors.
If convicted of all charges, the defendant could get up to 185 years in prison.
• Matt Delaney can be reached at mdelaney@washingtontimes.com.
Please read our comment policy before commenting.