Curated Content | Thought Leadership | Technology News

Ransomware Leader ‘LockBitSupp’ is Finally Identified in Stunning Indictment

Extorted $500 million since 2019.
Ryan Uliss
Contributing Writer
Funny dog detective with glass and coat on dark background.

For years, the shadowy figure known as “LockBitSupp” operated in a shroud of internet anonymity, gleefully taunting law enforcement while boasting about the billions in profits earned through the prolific LockBit ransomware operation. LockBitSupp reveled in this secret identity, even arrogantly offering a $10 million bounty to anyone capable of unmasking him.

This week, the veil of anonymity was dramatically lifted when U.S. federal prosecutors in New Jersey unsealed a sweeping 26-count indictment against 31-year-old Russian national Dmitry Yuryevich Khoroshev. The charges, which include conspiracy, fraud, computer damage, and extortion, could result in a maximum prison sentence of 185 years if he is convicted.

Staggering Ransomware Profits and Damage

According to the indictment, Khoroshev conceived, developed, and administered the LockBit ransomware-as-a-service empire, enabling himself and his affiliates to extort over $500 million from approximately 2,500 victims worldwide since 2019. An estimated 1,800 of those victims were located in the United States. Prosecutors allege Khoroshev personally pocketed around $100 million from these illicit activities.

The financial toll was only part of the devastation wrought by LockBit. The indictment states the group’s attacks “severely disrupted their victims’ operations, causing lost revenue and expenses associated with incident response and recovery.” All told, LockBit’s rampage inflicted “damage around the world totaling billions of U.S. dollars.”

Moreover, sensitive data stolen during these incidents remained compromised indefinitely, despite false promises from Khoroshev and his co-conspirators. Victims spanned industries and included major companies like Boeing and Royal Mail, as well as hospitals where the attacks risked patient safety by delaying procedures and test results.

Suspect Challenges the Charges

Despite extensive evidence presented by authorities, the individual identified as LockBitSupp has vehemently denied the allegations. In a statement via an encrypted messaging app on the Click Here podcast from The Record, he claimed, “The FBI is bluffing, I’m not Dmitry, I feel sorry for the real Dmitry,” challenging the identification process.

He criticized the legal basis of the accusations, asserting, “I thought the U.S. was a rule-of-law state; without evidence, you can’t accuse someone. I was wrong.” These remarks highlight some of the complexities within cybercrime investigations, where digital and real-world identities often blur, complicating efforts to pinpoint and prosecute cybercriminals accurately.

International Crackdown and Remaining Threats

The identification of Khoroshev represents another significant blow in a coordinated global crackdown on LockBit’s activities. In February, Operation Cronos saw law enforcement from over a dozen countries seize control of LockBit’s infrastructure, freeze cryptocurrency accounts, and issue multiple indictments and arrests of alleged affiliates.

The U.S. State Department has now announced a $10 million reward for information leading to Khoroshev’s arrest and conviction. Sanctions were also imposed by the U.S., U.K., and Australia aimed at disrupting payments to LockBit and its members.

An estimated 69 active LockBit affiliates remain at large, still holding extorted funds from victims. As the FBI’s Brett Leatherman stated, “There’s still money out there…we want to understand where that money is and, if there’s any opportunity to, get that money back.”

The Wrap

As the saga of LockBitSupp unfolds, the cybersecurity community and law enforcement worldwide watch closely, signaling a powerful response to the growing ransomware threat. This case sheds light on the global reach and destructive potential of cybercriminal enterprises and highlights the complexities and challenges of attributing cybercrimes to real-world identities.

As Dmitry Khoroshev faces a possible 185-year prison sentence, the outcome of this case could set a significant precedent for future cybersecurity enforcement, demonstrating that even the most elusive cyber criminals can be brought to justice.

Go Deeper -> U.S. Charges Russian National with Developing and Operating LockBit Ransomware – U.S. Department of Justice

LockBitSupp Identified as Dmitry Khoroshev and Indicted for Ransomware Crimes – The Record

Ransomware Mastermind LockBitSupp Reveled in his Anonymity—Now he’s Been ID’d – ARS Technica

☀️ Subscribe to the Early Morning Byte! Begin your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

☀️ Your latest edition of the Early Morning Byte is here! Kickstart your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

ADVERTISEMENT

×
You have free article(s) left this month courtesy of CIO Partners.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Thanks for subscribing!

We’re excited to have you on board. Stay tuned for the latest technology news delivered straight to your inbox.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Digital Annual

$10.00/ month

Billed Annually

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.
Name
Newsletters