Two Russian nationals have pleaded guilty to their involvement in the LockBit ransomware operation, which has deployed attacks against victims worldwide, inflicting up to $2 million in damages. Ruslan Magomedovich Astamirov, 21, and Mikhail Vasiliev, 34, carried out ransomware attacks across multiple countries, including the US, Japan, France, Scotland, Kenya, the UK, and Switzerland.
Operating under various online aliases between 2020 and 2023, Astamirov and Vasiliev extorted a combined $1.95 million in ransom payments from their victims.
Astamirov pleaded guilty to conspiracy to commit computer fraud and abuse and conspiracy to commit wire fraud. He faces a maximum sentence of 25 years in prison. Vasiliev, who holds dual Canadian and Russian citizenship, pleaded guilty to conspiracy to commit computer fraud and abuse, intentional damage to a protected computer, transmission of a threat in relation to damaging a protected computer, and conspiracy to commit wire fraud. Vasiliev could face up to 45 years in prison.
Vasiliev was initially charged and arrested by Canadian authorities in November 2022 and later extradited to the United States to face trial. A sentencing date has not yet been set.
The guilty pleas come after the UK National Crime Agency’s (NCA) Cyber Division, in cooperation with the DOJ, FBI, and other international law enforcement partners, partially disrupted LockBit’s operations in February. This disruption followed charges brought against other members of the LockBit group, including its alleged creator, developer, and administrator, Dmitry Yuryevich Khoroshev.
LockBit’s operation has caused billions in broader losses, with ransomware payments totaling approximately $500 million from its victims. The victims included a wide range of entities from individuals and small businesses to multinational corporations, hospitals, schools, nonprofit organizations, critical infrastructure, and government agencies. The DOJ highlights the severe impact of LockBit, noting its responsibility for over 1,800 attacks in the United States alone.
Given the significant threat posed by ransomware, cybersecurity experts advise both organizations and individuals to remain vigilant.
“While most ransomware attacks of LockBit’s scale are highly targeted, regular consumers also run the risk of a ransomware infection from tainted links and unvetted software downloads,” warned cybersecurity firm Bitdefender. “It is crucial for consumers to stay vigilant and always run a trusted security solution on their personal devices to limit the risk of a ransomware infection.”