Russian national believed to be involved in Wichita ransomware attack

Home
Local News
News
Russian national believed to be involved in Wichita ransomware attack

Posted May 8, 2024

The U.S. Department of Justice has announced charges against a Russian national for his involvement in a ransomware group that is believed to be behind a ransomware attack on the City of Wichita and other attacks across the country.

The indictment names 31-year-old Dimitri Khoroshev of Voronezh, Russia as the creator, developer and administrator of the LockBit ransomware group, which was created in 2019. Justice Department officials said LockBit has been the most prolific ransomware group in the world.

A federal grand jury in New Jersey has named Khoroshev in a 26-count indictment. FBI Director Christopher Wray said in a press release that the indictment “continues the FBI’s ongoing disruption of the LockBit criminal ecosystem. The LockBit ransomware group represented one of the most prolific ransomware variants across the globe, causing billions of dollars in losses and wreaking havoc on critical infrastructure, including schools and hospitals. The charges announced today reflect the FBI’s unyielding commitment to disrupting ransomware organizations and holding the perpetrators accountable.” Six Russians alleged to be LockBit members have now been charged.

A ransomware attack forced the City of Wichita to shut down its computer systems on Sunday, and some services are not available online. Payments of water bills and other functions will have to be conducted at City Hall.

U.S. Attorney General Merrick Garland said LockBit has targeted over 2,000 victims and stolen more than $100 million in ransomware payments. The Justice Department said there was a disruption in February to LockBit ransomware by the U.K. National Crime Agency’s (NCA) Cyber Division, which worked in cooperation with the Justice Department, FBI, and other international law enforcement partners. Officials seized a number of public-facing websites used by LockBit to connect to the organization’s infrastructure and also took control of servers used by LockBit administrators, disrupting the ability of LockBit actors to attack and encrypt networks and extort victims by threatening to publish stolen data. That disruption succeeded in greatly diminishing LockBit’s reputation and its ability to attack further victims, as alleged by the indictment.

The State Department has announced a reward of $10 million for information leading to Khoroshev’s arrest

[ photo: U.S. Treasury Department ]