Latest Tech News

Russian Affiliate Behind LockBit Ransomware Apprehended in Arizona at Age 20


The U.S. Department of Justice (DoJ) has announced charges against a Russian national for his alleged involvement in deploying LockBit ransomware to targets across different regions. The accused, Ruslan Magomedovich Astamirov, a 20-year-old from Chechen Republic, is said to have carried out at least five attacks between August 2020 and March 2023. Astamirov was apprehended in Arizona last month.

According to the DoJ, Astamirov participated in a conspiracy with other members of the LockBit ransomware campaign, engaging in wire fraud and intentionally damaging protected computers. The group deployed ransomware and made ransom demands. Astamirov managed various email addresses, IP addresses, and online accounts to deploy the ransomware and communicate with the victims.

Law enforcement agencies were able to trace a portion of a victim’s ransom payment to a virtual currency address operated by Astamirov.

If convicted, Astamirov faces a maximum penalty of 20 years in prison for the first charge and a maximum penalty of five years in prison for the second charge.

Astamirov is the third individual to face prosecution in the U.S. in connection with LockBit, following Mikhail Vasiliev, who awaits extradition, and Mikhail Pavlovich Matveev, who was indicted last month for involvement in LockBit, Babuk, and Hive ransomware. Matveev remains at large.

In a recent interview, Matveev expressed no surprise at being included in the FBI’s Cyber Most Wanted list, claiming that the news about him would be forgotten soon. He admitted his role as an affiliate for the now-defunct Hive operation and expressed a desire to elevate IT in Russia to the next level.

The DoJ’s statement follows a joint advisory by cybersecurity authorities from Australia, Canada, France, Germany, New Zealand, the U.K., and the U.S., warning about LockBit ransomware.

LockBit operates under the ransomware-as-a-service (RaaS) model, where the core team recruits affiliates to carry out attacks against corporate networks on their behalf in exchange for a share of the proceeds. The affiliates utilize double extortion techniques by encrypting victim data and threatening to leak it if the ransom is not paid.

Since its emergence in late 2019, LockBit has launched approximately 1,700 attacks, although the actual number could be higher. The group selectively reveals the names and leaked data of victims who refuse to pay ransoms on dark web leak sites.

Creative Mind

Hello Dope SOUL'S, I'm the founder of, a self-taught blogger with a passion for technology. My journey began with a fascination for tech's power to shape our world, leading me to self-learn computer science and engineering. After years as a self-taught software engineer, I realized my true calling lay in sharing knowledge. This inspired, where I provide valuable insights on tech trends, gadgets, and software. As a self-taught blogger, I explore new tech, analyze trends, and offer honest reviews. I believe in demystifying complex subjects for both tech enthusiasts and beginners. Beyond blogging, I actively engage in tech conferences, collaborating with industry pros to ensure my content stays accurate and relevant. is a platform dedicated to sharing knowledge, connecting with the tech community, and helping readers navigate the ever-evolving tech landscape. Thanks for joining this journey. Stay curious and tech-savvy! Best regards, [Creative Mind] Founder,

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button