NEWARK, NJ — In a significant development in cybercrime enforcement, two members of the infamous LockBit ransomware group have pleaded guilty to launching cyberattacks across the globe, including extensive activities in the United States. Ruslan Magomedovich Astamirov, 21, from the Chechen Republic, Russia, and Mikhail Vasiliev, 34, a dual Canadian and Russian national from Bradford, Ontario, admitted their roles in what has been described as one of the most prolific ransomware groups in recent history.
LockBit, which first surfaced in January 2020, rapidly escalated to become a leading figure in global cyberattacks, impacting over 2,500 victims in at least 120 countries, including 1,800 in the United States. Victims ranged from small entities to large multinational corporations and covered critical sectors such as healthcare, education, and government. The group is responsible for extorting approximately $500 million in ransom and causing billions more in broader economic damages.
The group’s operations involved identifying vulnerable computer systems, deploying ransomware to encrypt data, and then demanding ransoms for data decryption and non-release. If the ransom was not paid, LockBit affiliates would permanently encrypt the victims’ data and leak sensitive information online.
U.S. Attorney Philip R. Sellinger for the District of New Jersey emphasized that these convictions demonstrate the commitment of U.S. and international law enforcement to bring cybercriminals to justice, regardless of their location. Deputy Attorney General Lisa Monaco highlighted the success of the Department’s strategic enforcement against ransomware, which includes seizing LockBit’s infrastructure and distributing decryption keys to aid victims earlier this year.
The conviction of Astamirov and Vasiliev marks a crucial step in the ongoing battle against cyber threats and underscores the global reach of law enforcement efforts to combat cybercrime.