Russian-Israeli Ransomware Developer Arrested in Israel Faces U.S. Extradition on Hacking and Extortion Charges

Ransomware: A Russian-Israeli ransomware developer arrested in Israel may be extradited to the United States for alleged hacking and extortion, the Israeli Justice Ministry and the U.S. Department of Justice announced last week.

Rostislav Panev, 51, was arrested in Israel this August for allegedly being a developer for the LockBit ransomware

and maintaining its infrastructure. LockBit is a notorious hacker group that has allegedly targeted 2,500 victims worldwide, extorting over $500 million in ransom and causing billions of dollars in damages.

The Israeli Justice Ministry lifted a publication ban last Thursday to disclose that the State Attorney’s Office had

filed a petition for extradition of Panev to the U.S. in October. A hearing on the petition is set for January 5. During his involvement with the group from 2019 through 2024, Panev is said to have received $230,000 in

Bitcoin as a software developer involved in the extortion. U.S. officials also said Friday that Israeli law enforcement had found administrator credentials for an online repository that stored the LockBit source code, which affiliates

used to create customized ransomware builds for individual victims. The repository also housed the StealBit tool, which purportedly helped to exfiltrate stolen data. He reportedly told Israeli investigators that he had written

code, developed programs, and consulted for the LockBit group. Specifically, he reportedly conceded to the

creation of code which helped the ransomware to neutralize AV, spread over victims’ infected devices, and even print-out-of-the-blue ransom notes on their printers.

On Friday, the U.S. Department of Justice unsealed its complaint against Panev, listing 41 counts including conspiracy to commit computer fraud, wire fraud, intentional damage to protected computers, and extortion related to data obtained unlawfully from protected systems.

“Rostislav Panev spent years building and maintaining the digital tools that enabled his LockBit co-conspirators to cause billions of dollars in damage worldwide,” said New Jersey District U.S. Attorney Philip Sellinger in a press release.

“Like the other six previously charged members of LockBit, the FBI and our Criminal Division partners, Panev could only run for so long. Justice caught up to him, and now he must answer for those crimes. Today’s

announcement was another significant step in dismantling the LockBit organization, and our international efforts

will continue until each member is held accountable”. The complaint also revealed that LockBit has targeted

some 1,800 victims in the United States alone, with 55 being from New Jersey. Victims of the group include

global corporations, small businesses, hospitals, schools, non-profit organizations, critical infrastructure, government, and law enforcement agencies from various countries, including the United Kingdom, Israel, France,

Australia, Germany, Argentina, Kenya, Switzerland, Finland, the Netherlands, Japan, Canada, Spain, Italy, and China.

Many members of LockBit are from Russia, and in July, two suspected affiliates identified as Mikhail Vasiliev and Ruslan Astamirov pleaded guilty to being part of the group. Other suspected members, identified as Artur

Sungatov, Ivan Kondratyev, and Mikhail Matveev, who remain at large, had indictments unsealed against them in 2023 and 2024.

An indictment in May identified Dmitry Yuryevich Khoroshev as the creator and primary administrator of the group. The U.S. State Department’s Transnational Organized Crime Rewards Program has offered up to $10

million for information leading to his arrest. All identified members are sanctioned by the U.S.

The post Russian-Israeli Ransomware Developer Arrested in Israel Faces U.S. Extradition on Hacking and Extortion Charges appeared first on Asaase Radio.