Artur Sungatov

Threat Actor Profile Updated 7 days ago

Download STIX

Preview STIX

Artur Sungatov, a Russian national, has been identified as a significant threat actor affiliated with the LockBit ransomware group. Alongside Ivan Kondratyev (also known as Bassterlord), Sungatov is believed to have actively engaged in LockBit ransomware attacks. These cyberattacks targeted various industries, including manufacturing and logistics across the United States and other parts of the world. The U.S. Office of Foreign Assets Control (OFAC) noted ten cryptocurrency addresses associated with Sungatov and Kondratyev, highlighting their use of digital currencies in their illicit activities. In February 2024, the U.S. Justice Department unsealed an indictment obtained in the District of New Jersey against Sungatov and Kondratyev. The indictment charged them with deploying LockBit ransomware against numerous victims throughout the United States, including businesses nationwide in the manufacturing sector and other industries. This action was part of the wider Operation Cronos, which aimed to disrupt the activities of the LockBit ransomware variant. The seizure of LockBit's data leak site and infrastructure coincided with the announcement of these indictments. The US government had previously charged other members of the LockBit group, including Sungatov and Kondratyev. The charges against Sungatov and Kondratyev mark a significant step forward in efforts to combat the global threat posed by ransomware attacks and highlight the ongoing commitment to holding cybercriminals accountable for their actions.

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.

ID	Votes	Profile Description
Lockbit	6	LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt
Bassterlord	5	Bassterlord, a prominent figure in the cybercriminal underground, has been identified as a significant threat actor associated with the LockBit group. Known for operating under various aliases such as Ivan Kondratyev and AL3xL7 on Twitter, Bassterlord has openly declared his affiliation to the LockB

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransomware

RaaS

Associated Malware

To see the evidence that has resulted in this association, create a free account

ID	Type	Votes	Profile Description
No associations to display

Associated Threat Actors

To see the evidence that has resulted in this association, create a free account

ID	Type	Votes	Profile Description
Ivan Kondratyev	Unspecified	4	Ivan Kondratyev, also known as Bassterlord, is a threat actor of Russian nationality who has been indicted by the US Justice Department for his involvement with the LockBit ransomware group. Alongside Artur Sungatov, another Russian national, Kondratyev is accused of deploying LockBit against numero
Vasiliev	Unspecified	2	Mikhail Vasiliev, a dual Russian-Canadian national and known threat actor, was a key figure in the global LockBit ransomware conspiracy. Alongside other members including Artur Sungatov, Ivan Kondratyev, Ruslan Magomedovich Astamirov, and Mikhail Pavlovich Matveev, Vasiliev played a significant role

Associated Vulnerabilities

To see the evidence that has resulted in this association, create a free account

ID	Type	Votes	Profile Description
Mikhail Matveev Wazawaka	Unspecified	1	None

Source Document References

Information about the Artur Sungatov Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source	CreatedAt	Title
Flashpoint	3 days ago	COURT DOC: Two Foreign Nationals Plead Guilty to Participation in LockBit Ransomware Group
DARKReading	4 days ago	Two Foreign Nationals Plead Guilty to Participating in LockBit Ransomware Group
Securityaffairs	6 days ago	Russian nationals plead guilty to participating in the LockBit ransomware group
Securityaffairs	7 days ago	Russian nationals plead guilty to participating in the LockBit ransomware group
Flashpoint	3 months ago	COURT DOC: U.S. Charges Russian National with Developing and Operating LockBit Ransomware
Securityaffairs	3 months ago	Law enforcement agencies identified LockBit ransomware admin and sanctioned him
Krebs on Security	3 months ago	U.S. Charges Russian Man as Boss of LockBit Ransomware Group
BankInfoSecurity	3 months ago	LockBitSupp's Identity Revealed: Dmitry Yuryevich Khoroshev
CERT-EU	5 months ago	Operation Cronos: NCA reveals details of LockBit affiliates
Securityaffairs	5 months ago	More details about Operation Cronos that disrupted Lockbit operation
CERT-EU	5 months ago	US indicts two Russian nationals in LockBit ransomware case \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
CERT-EU	5 months ago	LockBit Ransomware Crackdown: US Sanctions Crypto Wallets \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	5 months ago	Lockbit cybercrime gang disrupted in global takedown \| #cybercrime \| #infosec \| National Cyber Security Consulting
CERT-EU	5 months ago	US, international partners disrupt LockBit ransomware operations \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	5 months ago	Police arrest LockBit ransomware members, release decryptor in global crackdown
CERT-EU	5 months ago	Telehealth & Telecare Aware
CERT-EU	5 months ago	US Offers $15 Mln For Info On LockBit Ransomware Leaders \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	5 months ago	Ransomware group LockBit disrupted by global police operation \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	5 months ago	US Treasury Sanctions Ransomware Used In $9 Billion Attack \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
CERT-EU	5 months ago	Ransomware group LockBit is disrupted by a global police operation \| #ransomware \| #cybercrime \| National Cyber Security Consulting