Dmitry Yuryevich Khoroshev, a 31-year-old Russian national, is the administrator and creator of the LockBit ransomware campaign, according to the U.K. National Crime Agency (NCA).
The Australian Department of Foreign Affairs, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), and the Foreign, Commonwealth and Development Office (FCD) of the United Kingdom have also sanctioned Khoroshev.
According to a press release from Europol, investigators are in possession of over 2,500 decryption keys and are still reaching out to LockBit victims to provide assistance.
A travel ban and asset freeze have also been imposed on Khoroshev, also known by the aliases LockBitSupp and putinkrab. The U.S. Department of State is offering a reward of up to $10 million for information that leads to his arrest and/or conviction.
The organisation has previously offered rewards of up to $15 million for information that would lead to the identification and whereabouts of important LockBit ransomware variant group leaders as well as information that would result in the group’s members’ arrests and/or convictions.
Separately, the Department of Justice (DoJ) unveiled an indictment that accuses Khoroshev of 26 counts. These counts include one of conspiracy to commit wire fraud, one count of conspiracy to commit fraud, extortion, and related activity in connection with computers, eight counts of intentional damage to a protected computer, eight counts of extortion related to confidential information from a protected computer, and eight counts of extortion related to damage to a protected computer.
The maximum sentence for all of the crimes is 185 years in jail. In addition, there is a financial penalty for each charge that can be as much as $250,000, financial gain for the perpetrator, or financial injury for the victim.
“As a core LockBit group leader and developer of the LockBit ransomware, Khoroshev has performed a variety of operational and administrative roles for the cybercrime group, and has benefited financially from the LockBit ransomware attacks,” claimed the Treasury Department of the United States.
“Khoroshev has supervised LockBit affiliates, hired new developers for the ransomware, and assisted in the updating of the LockBit infrastructure. In addition, he oversees LockBit’s efforts to carry on business following the disruption caused earlier this year by the United States and its allies.”
https://www.bleepstatic.com/content/hl-images/2023/02/07/LockBit.jpg
Update: According to LockBitSupp, he is not Khoroshev.
LockBitSupp denied being Khoroshev, the man the police claim is the group’s mastermind, in an interview with Recorded Future News, saying he did not “know this person.” They added that it was an attempt to harm their name and that they did not interact with the authorities.
“The objective remains unchanged: to target one million businesses,” they declared, urging individuals to sign up for their affiliate scheme and get wealthy. “The pressure from law enforcement only motivates me and makes me work harder.”