Mikhail Matveev

Threat Actor updated 2 months ago (2024-10-02T11:00:56.938Z)
Mikhail Matveev, also known by the aliases Wazawaka, m1x, Boriselcin, and Uhodiransomwar, is a prominent threat actor associated with significant cybercrime activities. His involvement in the cybercrime world was traced back to 2020 and 2021 when he was identified as an affiliate of LockBit, a notorious ransomware group that has been active since 2019. The group's extensive victim list includes major organizations such as Bank of America and the UK Royal Mail. In January 2022, KrebsOnSecurity identified Matveev as a 32-year-old from Khakassia, Russia, linking him to the pseudonym Wazawaka.

In May 2023, Matveev was charged in two indictments unsealed in Washington, D.C., and the District of New Jersey. The charges related to his use of various ransomware variants, including LockBit, to attack multiple victims across the United States, notably the Washington, D.C., Metropolitan Police Department. Matveev was also a central figure in the Babuk ransomware-as-a-service gang. These indictments followed the sanctioning of Matveev due to his affiliation with LockBit.

Despite the indictments, only a few suspects, including Ruslan Astamirov and Matveev, have been named and charged in connection with the LockBit ransomware attacks. Only Astamirov has been arrested thus far. The FBI has issued a strong warning to these cybercriminals, emphasizing their commitment to pursuing such malicious actors globally. They aim for the indictment, sanctions, and reward for information on Matveev to serve as a deterrent to cybercriminals worldwide, demonstrating that no country can provide them with complete safety or protection.
Description last updated: 2024-10-02T10:15:48.499Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| Alias Description | Votes |
| --- | --- |
| Wazawaka is a possible alias for Mikhail Matveev. Wazawaka, identified by the FBI as Mikhail Matveev, is a significant threat actor in the cybercrime landscape. Known for his affiliations with multiple ransomware groups, including LockBit, throughout 2020 and 2021, he became a central figure in the Babuk ransomware-as-a-service gang. Matveev's oper | 4 |
| Uhodiransomwar is a possible alias for Mikhail Matveev. Uhodiransomwar, also known as Mikhail Pavlovich Matveev, Wazawaka, m1x, and Boriselcin, is a significant threat actor in the cybersecurity landscape. A Russian national aged 30, Matveev has been implicated in a series of malicious cyber activities since at least 2020. He is alleged to have participa | 2 |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Cybercrime
Associated Malware
| Alias Description | Association Type | Votes |
| --- | --- | --- |
| The Lockbit Malware is associated with Mikhail Matveev. LockBit is a malicious software, or malware, known for its damaging and exploitative functions. It infiltrates systems via dubious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or hold data hostage for ransom. The LockBit | Unspecified | 5 |
| The Babuk Malware is associated with Mikhail Matveev. Babuk is a form of malware, specifically ransomware, that infiltrates computer systems and encrypts files, rendering them inaccessible to the user. It typically infects systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can disrupt operatio | Unspecified | 2 |
Source Document References
Information about the Mikhail Matveev Threat Actor was read from the documents corpus below.
| Source | Created At |
| --- | --- |
| Securityaffairs | 2 months ago |
| Flashpoint | 4 months ago |
| DARKReading | 4 months ago |
| Krebs on Security | 5 months ago |
| Flashpoint | 6 months ago |
| Krebs on Security | 6 months ago |
| BankInfoSecurity | 6 months ago |
| Flashpoint | 2 years ago |
| CERT-EU | 8 months ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | 2 years ago |
| CERT-EU | a year ago |
| CERT-EU | 2 years ago |
| CERT-EU | a year ago |
| CERT-EU | a year ago |
| CERT-EU | 2 years ago |
| CERT-EU | 2 years ago |
| CERT-EU | 2 years ago |
| Krebs on Security | 9 months ago |