In a significant development targeting cybercrime, the U.S. Department of Justice (DOJ), in collaboration with U.K. law enforcement agencies, has unsealed an indictment against two Russian nationals, Artur Sungatov and Ivan Kondratyev. The indictment reveals their alleged involvement in orchestrating LockBit ransomware attacks against numerous U.S. companies.
Sungatov is accused of targeting manufacturers, insurance firms, and other entities spanning at least six states since January 2021, while Kondratyev, operating under the moniker “Bassterlord,” purportedly launched ransomware assaults on various targets, including city governments and corporations in Oregon, Puerto Rico, and overseas, beginning in August 2021.
In a press release, U.S. Attorney General Merrick Garland emphasized the collaborative effort, stating, “Today, U.S. and U.K. law enforcement are taking away the keys to their criminal operation.” Additionally, Garland highlighted the DOJ’s proactive measure to aid victims, stating, “we have also obtained keys from the seized LockBit infrastructure to help victims decrypt their captured systems and regain access to their data.”
The Treasury Department’s Office of Foreign Assets Control (OFAC) swiftly sanctioned Sungatov and Kondratyev, imposing restrictions preventing U.S. individuals and companies from engaging in business transactions with them. The sanctions also include freezing any assets held under U.S. jurisdiction. Furthermore, nine Bitcoin and one Ethereum wallet addresses associated with the accused have been added to the sanction list.
Dubbed “Operation Cronos,” the extensive crackdown led to the seizure of numerous servers across Europe, North America, and Australia, which served as the infrastructure for LockBit’s ransomware attacks. These attacks involved encrypting victims’ data and extorting payments. Europol’s Tuesday announcement highlighted the successful dismantling of LockBit’s online infrastructure, including the dark web portal used for publishing sensitive data stolen from non-compliant victims.
Europol Executive Director Catherine De Bolle hailed the operation’s success, stating, “We have now destroyed the online backbone of the LockBit group, one of the world’s most prolific ransomware gangs.”
The joint effort between U.S. and U.K. authorities underscores the determination to combat cyber threats and dismantle criminal networks operating with impunity across borders. As ransomware attacks continue to pose significant risks to businesses and individuals globally, such coordinated actions represent a crucial step towards enhancing cybersecurity and holding perpetrators accountable for their actions.
