American prosecutors have opted to charge an absent Russian national for his role as the source of one of the most sophisticated and widespread ransom wear attacks back in 2019. As announced by the Department of Justice (DOJ), they also are offering a $10 million bounty for his arrest.
31-year-old Dmitry [Yuryevich] Khoroshev faces 26 charges in his indictment. A man commonly referred to by the aliases LockBitSupp, LockBit, and putinkrab, he took over $100 million from his known 2,000 attacks. Including other suspected attacks he is associated with, and that number soars to more than 2,500 attacks and over $500 million in ransoms amongst the group. Over 120 countries have paid him and his known associates, with incredible amounts of data seized and held.
In his attacks, victims were presented with a simple decision. Pay Khoroshev or his associates off, and the data would be deleted, full access to the system restored, and none of their embarrassing or potentially compromising info would be leaked. Don’t pay and they ensure you will never get your system back. Your data would be sold off to the highest bidder, and exposed to friends and relatives. Corporations and governments would be lucky if they didn’t cause major damage to anything connected.
Yet Khoroshev didn’t always follow through. Retaining data, he would often threaten to expose them again even after they made the initial payments. Many victims lost substantial revenue and also spent money trying to take back their highjacked systems. Totaling in the billions of dollars, this hacker scam was an absolute nightmare and now the DOJ wants to be sure he pays the price. According to them, Khoroshev is now facing up to 185 years in prison in addition to “a maximum fine of the greatest of $250,000, pecuniary gain to the offender, or pecuniary harm to the victim” if convicted.