Dmitry Yuryevich Khoroshev

Threat Actor updated 13 days ago (2024-11-08T13:19:00.585Z)
Download STIX
Preview STIX
Dmitry Yuryevich Khoroshev, a Russian national from Voronezh, has been identified as a significant threat actor in the cybersecurity landscape. Known by his alias "LockBitSupp," Khoroshev is allegedly the creator, developer, and administrator of LockBit, a notorious ransomware group. His real identity, which was once a closely guarded secret, was unveiled in May 2024 by the US National Crime Agency (NCA) during Operation Cronos, a joint law enforcement action spearheaded by the UK's NCA and the FBI. Khoroshev's activities have led to multiple charges being filed against him in the District of New Jersey, along with other members of the LockBit group. These charges followed guilty pleas from some of the group's members. Khoroshev's indictment was unsealed in May 2024 by the US, UK, and Australian governments following Operation Cronos, marking a significant step forward in the fight against cybercrime. In response to the threat posed by LockBit under Khoroshev's leadership, authorities have adopted a strategy of using the group's own tactics against them. This includes publically belittling its affiliates and revealing the identities of its leaders. Major actions have also been taken against the group's infrastructure, including seizure operations led by US and UK police forces. These efforts are part of a larger campaign against major ransomware groups, demonstrating a concerted international effort to combat cybercrime.
Description last updated: 2024-11-04T21:01:52.764Z
What's your take? (Question 1 of 1)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
LockBitSupp is a possible alias for Dmitry Yuryevich Khoroshev. LockBitSupp, a prominent threat actor, has been identified as Russian national Dmitry Yuryevich Khoroshev. The group's activities have been under scrutiny due to its involvement in ransomware attacks and other cybercrimes. Khoroshev, who was operating under the aliases "LockBit" and "LockBitSupp," i
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Lockbit Malware is associated with Dmitry Yuryevich Khoroshev. LockBit is a malicious software, or malware, known for its damaging and exploitative functions. It infiltrates systems via dubious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or hold data hostage for ransom. The LockBit Unspecified
4
Source Document References
Information about the Dmitry Yuryevich Khoroshev Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
BankInfoSecurity
17 days ago
BankInfoSecurity
2 months ago
InfoSecurity-magazine
2 months ago
BankInfoSecurity
2 months ago
InfoSecurity-magazine
2 months ago
BankInfoSecurity
3 months ago
Flashpoint
4 months ago
DARKReading
4 months ago
InfoSecurity-magazine
4 months ago
Securityaffairs
4 months ago
Securityaffairs
4 months ago
Securityaffairs
5 months ago