Ivan Kondratyev

Threat Actor updated a month ago (2024-11-29T14:31:45.342Z)
Download STIX
Preview STIX
Ivan Kondratyev, also known as Bassterlord, is a recognized threat actor associated with the notorious LockBit ransomware group. The Russian national has been linked to malicious cyber activities targeting numerous businesses and industries across the United States and globally. Operating alongside Artur Sungatov, another Russian national, Kondratyev has been implicated in deploying the LockBit ransomware against victims in various sectors including manufacturing, semiconductors, logistics, and insurance. In February 2024, an indictment was unsealed in the District of New Jersey charging Kondratyev and Sungatov with their cybercrimes. This action coincided with a major disruption operation aimed at mitigating the impact of the LockBit ransomware. As part of this operation, the US Justice Department seized LockBit's data leak site and infrastructure, further crippling the group's nefarious activities. The U.S. government has also imposed sanctions on Kondratyev and Sungatov, identifying ten cryptocurrency addresses associated with them. These actions reflect the ongoing efforts by authorities to disrupt the operations of threat actors like Kondratyev and hold them accountable for their crimes. Notably, Kondratyev and Sungatov are not the only members of the LockBit group to face charges; other members have been similarly indicted in the past.
Description last updated: 2024-08-14T09:10:29.827Z
What's your take? (Question 1 of 4)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Bassterlord is a possible alias for Ivan Kondratyev. Bassterlord, a known threat actor and affiliate of the LockBit group, has been associated with multiple malicious cyber activities since August 2021. Operating under the alias "Bassterlord," Ivan Kondratyev allegedly deployed LockBit ransomware against private and municipal entities in New York, Ore
4
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Lockbit Malware is associated with Ivan Kondratyev. LockBit is a prominent ransomware-as-a-service (RaaS) malware that has been involved in numerous cyberattacks, demonstrating its staying power and adaptability. The malware, which can infiltrate systems through suspicious downloads, emails, or websites, is designed to exploit and damage computers oris related to
4
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The Artur Sungatov Threat Actor is associated with Ivan Kondratyev. In February 2024, the U.S. Justice Department unsealed an indictment in the District of New Jersey against Russian nationals Artur Sungatov and Ivan Kondratyev, also known as Bassterlord, for their involvement with the LockBit ransomware group. This notorious cybercriminal organization has been actiUnspecified
4
The Vasiliev Threat Actor is associated with Ivan Kondratyev. Mikhail Vasiliev, a dual Russian-Canadian national known by various online aliases such as "Ghostrider," was a key threat actor involved in the global LockBit ransomware campaign. Alongside fellow members like Ruslan Magomedovich Astamirov, and others including Sungatov, Kondratyev, and Mikhail PavlUnspecified
2
Source Document References
Information about the Ivan Kondratyev Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
10 months ago
Flashpoint
5 months ago
DARKReading
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Flashpoint
8 months ago
Securityaffairs
8 months ago
Securityaffairs
10 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago
Flashpoint
10 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago