Rostislav Panev, a 51-year-old Russian and Israeli national, has been extradited to the United States. He is suspected of being a developer for LockBit.
According to court documents, Panev operated as a developer for the LockBit ransomware operation between 2019 and February 2024. During that time, he and his coconspirators transformed LockBit into the most active and destructive ransomware group in the world.
The Department of Justice states that LockBit attacked more than 2,500 organizations and businesses in at least 120 countries, including 1,800 victims in the US. Their victims ranged from individuals and small businesses to multinational corporations, such as hospitals, schools, nonprofit organizations, critical infrastructure, and government and law enforcement agencies.
LockBit approximately received over $500 million in ransom payments.
Developers like Panev designed the LockBit malware code and maintained the infrastructure on which the ransomware group operated. LockBit is a so-called ransomware-as-a-service (RaaS), meaning affiliates can use the organization’s hacking tools and infrastructure in exchange for a cut of all illicit revenues.
Panev was arrested in August 2024 in Israel. Law enforcement officers found administrator credentials for an online repository on his computer. The repository, hosted on the dark web, stored source code for multiple versions of the LockBit builder, which affiliates used to custom-build ransomware for particular victims.
In addition, the police discovered source code for LockBit’s StealBit tool, which was used to help affiliates exfiltrate stolen data, and access credentials for the LockBit control panel, an online dashboard for LockBit’s affiliates. Lastly, direct messages between Panev and another primary administrator were found on his computer.
According to the Department of Justice, Panev earned about $230,000 in cryptocurrency for his work between June 2022 and February 2024.
“No one is safe from ransomware attacks, from individuals to institutions. Along with our international partners, the FBI continues to leave no stone unturned when it comes to following LockBit’s trail of destruction. We will continue to work tirelessly to prevent actors, such as Panev, from hacking their way to financial gain,” Acting Special Agent in Charge of the FBI Newark Division Terence G. Reilly said in a statement.
The investigation into LockBit has been going on for several years. A total of seven alleged LockBit members have been charged thus far. The US Department of State’s Transnational Organized Crime (TOC) Rewards Program is offering rewards of $10 million for information leading to the identification and location of other core team members of LockBit, and up to $5 million for information leading to the arrest of affiliates.
Your email address will not be published. Required fields are markedmarked