Boriselcin

Threat Actor Profile Updated 24 days ago
Mikhail Pavlovich Matveev, also known as Boriselcin, is a threat actor who has been implicated in significant cybercrime activities. Since at least 2020, Matveev has allegedly been involved in deploying three ransomware variants: LockBit, Babuk, and Hive. These attacks targeted various entities, including law enforcement agencies, hospitals, schools, and other government organizations. The U.S. Department of Justice (DOJ) indictment suggests that Matveev transmitted ransom demands related to each of these ransomware variants. In May 2023, the DOJ announced the indictment of Matveev for his alleged involvement in the deployment of these ransomware variants against victims both within the United States and abroad.

Matveev, who used multiple aliases such as Wazawaka, m1x, Boriselcin, and Uhodiransomwar, is believed to be behind numerous substantial attacks on companies and critical infrastructure. Notably, he was identified as "Boriselcin", a brash personality who was the public persona of Babuk, a ransomware affiliate program that emerged on New Year's Eve 2020.

Matveev, a 30-year-old Russian national, is considered by the FBI to be one of the most wanted hackers. He is accused of working with three different ransomware gangs that extorted hundreds of millions of dollars from a range of institutions. Known for his bold online presence, Matveev operated under several monikers on cybercrime forums, including "Boriselcin". His activities have led to significant disruptions and financial losses, highlighting the ongoing threat posed by sophisticated cybercriminals.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possibly overlapping names and profiles you may also want to look at.
| ID | Votes | Profile Description |
| --- | --- | --- |
| Wazawaka | 4 | Wazawaka, identified by the FBI as Mikhail Matveev, is a prominent threat actor in the cybercrime underworld with previous affiliations to LockBit ransomware groups. Throughout 2020 and 2021, he functioned as an affiliate for multiple ransomware organizations, including LockBit. In January 2022, Kre |
| M1x | 3 | M1x, also known as Wazawaka, Boriselcin, and Uhodiransomwar, is a threat actor identified as Mikhail Pavlovich Matveev. This individual has been allegedly involved in malicious cyber activities since at least 2020. Matveev's primary mode of operation involves the deployment of ransomware, specifical |
| Uhodiransomwar | 3 | Uhodiransomwar, also known as Mikhail Pavlovich Matveev, Wazawaka, m1x, and Boriselcin, is a threat actor who has been active since at least 2020. Matveev, a 30-year-old Russian national, is alleged to have participated in conspiracies to deploy three ransomware variants: LockBit, Babuk, and Hive. T |
| Mikhail Pavlovich Matveev | 3 | Mikhail Pavlovich Matveev, a Russian national also known by the online monikers Wazawaka, m1x, Boriselcin, and Uhodiransomwar, is identified as a significant threat actor in the cybersecurity landscape. He is one of five Russians charged over their involvement with Lockbit, a group regarded as the w |
| Mikhail Pavolovich Matveev | 2 | None |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Cybercrime
Ransom
Associated Malware
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| Babuk | Unspecified | 3 | Babuk is a form of malware, specifically ransomware, that infiltrates systems often through suspicious downloads, emails, or websites. Once inside, it can cause severe disruptions, steal personal data, or even hold the system's data hostage for ransom. Various versions and variants of Babuk ransomwa |
| Lockbit | Unspecified | 3 | LockBit is a malicious software, or malware, that has been significantly active in recent years. It is designed to infiltrate systems and cause significant damage by stealing sensitive information, disrupting operations, and holding data hostage for ransom. In 2023, security firm Rapid7 named LockBi |
| Hive | Unspecified | 2 | Hive is a malicious software, or malware, known for its disruptive capabilities and widespread damage. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data h |
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Boriselcin Threat Actor was read from the documents corpus below. This display is limited to 20 results.
| Source | Created At | Title |
| --- | --- | --- |
| CERT-EU | 8 months ago | Infamous Russian hacker mocks the FBI by selling t-shirts featuring his most wanted poster |
| CERT-EU | a year ago | Russian Hacker “Wazawaka” Indicted for Ransomware - GIXtools |
| Krebs on Security | a year ago | Russian Hacker “Wazawaka” Indicted for Ransomware |
| CERT-EU | a year ago | Who wants to be a millionaire by giving a tip to FBI about this hacker? |
| CERT-EU | a year ago | Russian national charged with ransomware attacks against critical infrastructure |
| Flashpoint | a year ago | COURT DOC: Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses |
| CERT-EU | 8 months ago | FBI Most-Wanted Russian Hacker Reveals Why He Burned His Passport \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting |
| CERT-EU | 8 months ago | One of the FBI's Most Wanted Hackers Is Trolling the US Government \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting |
| CSO Online | a year ago | Russian national indicted for ransomware attacks against the US |
| CERT-EU | 8 months ago | District of New Jersey \| Russian National Charged with Ransomware Attacks Against Critical Infrastructure \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
| CERT-EU | 8 months ago | One of the FBI's Most Wanted Hackers Is Trolling the US Government - Slashdot |