{
	"id": "7e98fbed-744c-4751-bc2c-dec1f89beb1b",
	"created_at": "2026-04-06T00:07:03.049487Z",
	"updated_at": "2026-04-10T13:12:15.25568Z",
	"deleted_at": null,
	"sha1_hash": "f2d1c6088601a1d2905a1db20d715fe2e63142ef",
	"title": "Suspected LockBit ransomware affiliate arrested, charged in US",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1484137,
	"plain_text": "Suspected LockBit ransomware affiliate arrested, charged in US\r\nBy Sergiu Gatlan\r\nPublished: 2023-06-15 · Archived: 2026-04-05 23:46:51 UTC\r\nRussian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for\r\nallegedly deploying LockBit ransomware on the networks of victims in the United States and abroad.\r\nAccording to the criminal complaint, the 20-year-old suspect from the Chechen Republic was allegedly involved in LockBit\r\nransomware attacks between August 2020 and March 2023.\r\n\"Astamirov allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit wire\r\nfraud and to intentionally damage protected computers and make ransom demands through the use and deployment of\r\nransomware,\" US DOJ said.\r\nhttps://www.bleepingcomputer.com/news/security/suspected-lockbit-ransomware-affiliate-arrested-charged-in-us/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/suspected-lockbit-ransomware-affiliate-arrested-charged-in-us/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\n\"Specifically, Astamirov directly executed at least five attacks against victim computer systems in the United States and\r\nabroad.\"\r\nAstamirov has been indicted on charges of conspiracy to transmit ransom demands, commit wire fraud, and intentionally\r\ndamage protected computers. \r\nIf found guilty, he could face up to 20 years in prison for the wire fraud charge and up to five years in prison for the charge\r\nrelated to damaging protected computers. \r\nThe charges also carry the possibility of fines up to $250,000 or double the financial gain or loss resulting from the offense,\r\nwhichever is higher.\r\nThird LockBit affiliate charged in the U.S. since November\r\nAstamirov is the third LockBit affiliate the U.S. Justice Department charged in the last seven months.\r\nIn November 2022, the DOJ unveiled criminal charges against Mikhail Vasiliev, now in custody in Canada and awaiting\r\nextradition to the United States. \r\nIn May 2023, Mikhail Pavlovich Matveev (also known as Wazawaka, m1x, Boriselcin, and Uhodiransomwar) was also\r\ncharged for his alleged involvement in deploying LockBit, Babuk, and Hive ransomware in attacks targeting organizations\r\nwithin and outside the United States.\r\n\"Astamirov is the third defendant charged by this office in the LockBit global ransomware campaign, and the second\r\ndefendant to be apprehended,\" said U.S. Attorney Philip R. Sellinger for the District of New Jersey. \r\n\"The LockBit conspirators and any other ransomware perpetrators cannot hide behind imagined online anonymity. We will\r\ncontinue to work tirelessly with all our law enforcement partners to identify ransomware perpetrators and bring them to\r\njustice.\"\r\nLockBit ransomware emerged as a ransomware-as-a-service (RaaS) operation in September 2019 and has claimed multiple\r\nhigh-profile victims worldwide in recent months, including the Continental automotive giant, the UK Royal Mail, the Italian\r\nInternal Revenue Service, and the City of Oakland.\r\nU.S. and international cybersecurity authorities also revealed in a joint advisory published on Wednesday that this\r\nransomware gang extorted roughly $91 million from U.S. organizations that fell victim to approximately 1,700 attacks since\r\n2020.\r\nhttps://www.bleepingcomputer.com/news/security/suspected-lockbit-ransomware-affiliate-arrested-charged-in-us/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/suspected-lockbit-ransomware-affiliate-arrested-charged-in-us/\r\nhttps://www.bleepingcomputer.com/news/security/suspected-lockbit-ransomware-affiliate-arrested-charged-in-us/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/suspected-lockbit-ransomware-affiliate-arrested-charged-in-us/"
	],
	"report_names": [
		"suspected-lockbit-ransomware-affiliate-arrested-charged-in-us"
	],
	"threat_actors": [],
	"ts_created_at": 1775434023,
	"ts_updated_at": 1775826735,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/f2d1c6088601a1d2905a1db20d715fe2e63142ef.pdf",
		"text": "https://archive.orkl.eu/f2d1c6088601a1d2905a1db20d715fe2e63142ef.txt",
		"img": "https://archive.orkl.eu/f2d1c6088601a1d2905a1db20d715fe2e63142ef.jpg"
	}
}