Artur Sungatov

Threat Actor updated 2 months ago (2024-10-02T11:00:58.448Z)

Download STIX

Preview STIX

In February 2024, the U.S. Justice Department unsealed an indictment in the District of New Jersey against Russian nationals Artur Sungatov and Ivan Kondratyev, also known as Bassterlord, for their involvement with the LockBit ransomware group. This notorious cybercriminal organization has been active since 2019, targeting numerous victims globally, including major businesses in manufacturing, logistics, and the semiconductor industries. The indictment charges both individuals with deploying LockBit ransomware against various organizations across the United States and beyond. The disruption of LockBit's operations coincided with the seizure of its data leak site and infrastructure, highlighting a coordinated effort by law enforcement to dismantle this criminal network. The U.S. government has previously charged multiple affiliates of LockBit, including Sungatov, who is noted for his active engagement in ransomware attacks that have impacted significant entities such as Bank of America and the UK Royal Mail. These actions reflect a broader crackdown on cybercrime, particularly those perpetrated by Russian nationals. Additionally, the Office of Foreign Assets Control (OFAC) has sanctioned Sungatov and Kondratyev, identifying ten cryptocurrency addresses linked to their illicit activities. This comprehensive approach underscores the seriousness of the threat posed by the LockBit group and emphasizes the ongoing commitment of U.S. authorities to combat ransomware and protect critical infrastructure from cyber threats.

Description last updated: 2024-10-02T10:15:32.089Z

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Bassterlord is a possible alias for Artur Sungatov. Bassterlord, a known threat actor and affiliate of the LockBit group, has been associated with multiple malicious cyber activities since August 2021. Operating under the alias "Bassterlord," Ivan Kondratyev allegedly deployed LockBit ransomware against private and municipal entities in New York, Ore	5

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransomware

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Lockbit Malware is associated with Artur Sungatov. LockBit is a malicious software, or malware, known for its damaging and exploitative functions. It infiltrates systems via dubious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or hold data hostage for ransom. The LockBit	is related to	6

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The Ivan Kondratyev Threat Actor is associated with Artur Sungatov. Ivan Kondratyev, also known as Bassterlord, is a recognized threat actor associated with the notorious LockBit ransomware group. The Russian national has been linked to malicious cyber activities targeting numerous businesses and industries across the United States and globally. Operating alongside	Unspecified	4
The Vasiliev Threat Actor is associated with Artur Sungatov. Mikhail Vasiliev, a dual Russian-Canadian national known by various online aliases such as "Ghostrider," was a key threat actor involved in the global LockBit ransomware campaign. Alongside fellow members like Ruslan Magomedovich Astamirov, and others including Sungatov, Kondratyev, and Mikhail Pavl	Unspecified	2

Source Document References

Information about the Artur Sungatov Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	2 months ago	Police arrested four new individuals linked to the LockBit ransomware operation
CERT-EU	9 months ago	LockBit: FBI and allies seize dark-web site of world’s most prolific ransomware gang \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware
CERT-EU	9 months ago	US charges two Russian nationals in LockBit ransomware case amid global crackdown
Flashpoint	4 months ago	COURT DOC: Two Foreign Nationals Plead Guilty to Participation in LockBit Ransomware Group
DARKReading	4 months ago	Two Foreign Nationals Plead Guilty to Participating in LockBit Ransomware Group
Securityaffairs	4 months ago	Russian nationals plead guilty to participating in the LockBit ransomware group
Securityaffairs	4 months ago	Russian nationals plead guilty to participating in the LockBit ransomware group
Flashpoint	7 months ago	COURT DOC: U.S. Charges Russian National with Developing and Operating LockBit Ransomware
Securityaffairs	7 months ago	Law enforcement agencies identified LockBit ransomware admin and sanctioned him
Krebs on Security	7 months ago	U.S. Charges Russian Man as Boss of LockBit Ransomware Group
BankInfoSecurity	7 months ago	LockBitSupp's Identity Revealed: Dmitry Yuryevich Khoroshev
CERT-EU	9 months ago	Operation Cronos: NCA reveals details of LockBit affiliates
Securityaffairs	9 months ago	More details about Operation Cronos that disrupted Lockbit operation
CERT-EU	9 months ago	US indicts two Russian nationals in LockBit ransomware case \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
CERT-EU	9 months ago	LockBit Ransomware Crackdown: US Sanctions Crypto Wallets \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	9 months ago	Lockbit cybercrime gang disrupted in global takedown \| #cybercrime \| #infosec \| National Cyber Security Consulting
CERT-EU	9 months ago	US, international partners disrupt LockBit ransomware operations \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	9 months ago	Police arrest LockBit ransomware members, release decryptor in global crackdown
CERT-EU	9 months ago	Telehealth & Telecare Aware
CERT-EU	9 months ago	US Offers $15 Mln For Info On LockBit Ransomware Leaders \| #ransomware \| #cybercrime \| National Cyber Security Consulting