M1x

Threat Actor Profile Updated 24 days ago
M1x, also known as Wazawaka, Boriselcin, and Uhodiransomwar, is a threat actor identified as Mikhail Pavlovich Matveev. He has allegedly been involved in malicious cyber activity since at least 2020. Matveev's primary mode of operation is the deployment of ransomware, specifically three variants: LockBit, Babuk, and Hive. These ransomware attacks have targeted various sectors, including law enforcement, government agencies, hospitals, and schools, causing significant disruption and damage.

According to an indictment obtained by the District of New Jersey, Matveev not only deployed these ransomware variants but also transmitted ransom demands associated with each attack. The Department of Justice (DOJ) statement provides evidence of his extensive involvement in these cybercrimes. His actions represent a serious threat to both private and public entities, disrupting their operations and potentially leading to breaches of sensitive data.

In May 2023, the DOJ announced the indictment of Matveev for his alleged participation in these separate conspiracies. His activities extend beyond the United States, affecting victims abroad as well. The charges brought against him underline the seriousness of his offenses and the ongoing efforts of law enforcement agencies to combat such threats. The indictment serves as a warning to other potential threat actors and highlights the importance of robust cybersecurity measures.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Uhodiransomwar | 3 | Uhodiransomwar, also known as Mikhail Pavlovich Matveev, Wazawaka, m1x, and Boriselcin, is a threat actor who has been active since at least 2020. Matveev, a 30-year-old Russian national, is alleged to have participated in conspiracies to deploy three ransomware variants: LockBit, Babuk, and Hive. T
Boriselcin | 3 | Mikhail Pavlovich Matveev, also known as Boriselcin, is a threat actor that has been implicated in significant cybercrime activities. Beginning at least as early as 2020, Matveev has been allegedly involved in deploying three ransomware variants: LockBit, Babuk, and Hive. These attacks targeted vari
Mikhail Pavlovich Matveev | 3 | Mikhail Pavlovich Matveev, a Russian national also known by the online monikers Wazawaka, m1x, Boriselcin, and Uhodiransomwar, is identified as a significant threat actor in the cybersecurity landscape. He is one of five Russians charged over their involvement with Lockbit, a group regarded as the w
Wazawaka | 3 | Wazawaka, identified by the FBI as Mikhail Matveev, is a prominent threat actor in the cybercrime underworld with previous affiliations to LockBit ransomware groups. Throughout 2020 and 2021, he functioned as an affiliate for multiple ransomware organizations, including LockBit. In January 2022, Kre
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Associated Malware
ID | Type | Votes | Profile Description
Lockbit | Unspecified | 2 | LockBit is a malicious software, or malware, that has been significantly active in recent years. It is designed to infiltrate systems and cause significant damage by stealing sensitive information, disrupting operations, and holding data hostage for ransom. In 2023, security firm Rapid7 named LockBi
Associated Threat Actors
ID | Type | Votes | Profile Description
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the M1x Threat Actor was read from the documents corpus below.
Source | CreatedAt | Title
CSO Online | a year ago | Russian national indicted for ransomware attacks against the US
CERT-EU | 8 months ago | District of New Jersey | Russian National Charged with Ransomware Attacks Against Critical Infrastructure | #ransomware | #cybercrime | National Cyber Security Consulting
Flashpoint | a year ago | COURT DOC: Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses