Boriselcin

Threat Actor updated 7 months ago (2024-05-04T17:22:56.504Z)
Download STIX
Preview STIX
Mikhail Pavlovich Matveev, also known as Boriselcin, is a threat actor that has been implicated in significant cybercrime activities. Beginning at least as early as 2020, Matveev has been allegedly involved in deploying three ransomware variants: LockBit, Babuk, and Hive. These attacks targeted various entities including law enforcement agencies, hospitals, schools, and other government organizations. The U.S. Department of Justice (DOJ) indictment suggests that Matveev transmitted ransom demands related to each of these ransomware variants. In May 2023, the DOJ announced the indictment of Matveev for his alleged involvement in the deployment of these ransomware variants against victims both within the United States and abroad. Matveev, who used multiple aliases such as Wazawaka, m1x, Boriselcin, and Uhodiransomwar, is believed to be behind numerous substantial attacks on companies and critical infrastructure. Notably, he was identified as "Boriselcin", a brash personality who was the public persona of Babuk, a ransomware affiliate program that emerged on New Year's Eve 2020. Matveev, a 30-year-old Russian national, is considered by the FBI as one of the most wanted hackers. He is accused of working with three different ransomware gangs that extorted hundreds of millions of dollars from a range of institutions. Known for his bold online presence, Matveev operated under several monikers on cybercrime forums, including "Boriselcin". His activities have led to significant disruptions and financial losses, highlighting the ongoing threat posed by sophisticated cybercriminals.
Description last updated: 2024-05-04T17:12:12.224Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Wazawaka is a possible alias for Boriselcin. Wazawaka, identified by the FBI as Mikhail Matveev, is a significant threat actor in the cybercrime landscape. Known for his affiliations with multiple ransomware groups, including LockBit, throughout 2020 and 2021, he became a central figure in the Babuk ransomware-as-a-service gang. Matveev's oper
4
M1x is a possible alias for Boriselcin. M1x, also known as Wazawaka, Boriselcin, and Uhodiransomwar, is a threat actor identified as Mikhail Pavlovich Matveev. This individual has been allegedly involved in malicious cyber activities since at least 2020. Matveev's primary mode of operation involves the deployment of ransomware, specifical
3
Uhodiransomwar is a possible alias for Boriselcin. Uhodiransomwar, also known as Mikhail Pavlovich Matveev, Wazawaka, m1x, and Boriselcin, is a significant threat actor in the cybersecurity landscape. A Russian national aged 30, Matveev has been implicated in a series of malicious cyber activities since at least 2020. He is alleged to have participa
3
Mikhail Pavlovich Matveev is a possible alias for Boriselcin. Mikhail Pavlovich Matveev, a Russian national also known by online monikers Wazawaka, m1x, Boriselcin, and Uhodiransomwar, has been identified as a major threat actor in the world of cybersecurity. Matveev is among five Russians charged in connection with Lockbit, a group widely recognized as one of
3
Mikhail Pavolovich Matveev is a possible alias for Boriselcin.
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Cybercrime
Ransom
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Babuk Malware is associated with Boriselcin. Babuk is a form of malware, specifically ransomware, that infiltrates computer systems and encrypts files, rendering them inaccessible to the user. It typically infects systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can disrupt operatioUnspecified
3
The Lockbit Malware is associated with Boriselcin. LockBit is a malicious software, or malware, known for its damaging and exploitative functions. It infiltrates systems via dubious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or hold data hostage for ransom. The LockBit Unspecified
3
The Hive Malware is associated with Boriselcin. Hive is a form of malware, specifically ransomware, designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Hive can steal personal information, disrupt operations, or hold data hostagUnspecified
2
Source Document References
Information about the Boriselcin Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
a year ago
CSO Online
2 years ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
2 years ago
Krebs on Security
2 years ago
Flashpoint
a year ago
CERT-EU
a year ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
a year ago