Mikhail Pavlovich Matveev

Threat Actor updated 2 months ago (2024-07-20T08:17:48.238Z)
Download STIX
Preview STIX
Mikhail Pavlovich Matveev, a Russian national also known by the online monikers Wazawaka, m1x, Boriselcin, and Uhodiransomwar, is identified as a significant threat actor in the global cybersecurity landscape. He is one of five Russians charged over Lockbit, considered to be the world's most dangerous ransomware gang. Matveev has been implicated in multiple ransomware attacks and is alleged to have conspired with other members of the LockBit gang, including Sungatov, Kondratyev, and Vasiliev, to develop and deploy LockBit ransomware and extort payments from victim corporations. In May 2023, the US Justice Department brought charges against Matveev for his role in these cybercrimes. The charges included conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. This indictment was unsealed in the District of Columbia, highlighting Matveev's participation in a global ransomware campaign that targeted victims in the District of Columbia, the United States, and around the world. Despite these charges, Matveev remains at large along with two other alleged members of the LockBit conspiracy, Artur Sungatov and Ivan Kondratyev. Cybersecurity researchers continue to investigate the inner workings of the ransomware operation led by Matveev, shedding light on the scale and complexity of the attacks he is believed to have orchestrated. His activities underline the ongoing threat posed by international cybercriminal networks and the critical importance of robust cybersecurity measures.
Description last updated: 2024-07-20T08:16:01.773Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Uhodiransomwar
4
Uhodiransomwar, also known as Mikhail Pavlovich Matveev, Wazawaka, m1x, and Boriselcin, is a significant threat actor in the cybersecurity landscape. A Russian national aged 30, Matveev has been implicated in a series of malicious cyber activities since at least 2020. He is alleged to have participa
Wazawaka
4
Wazawaka, identified by the FBI as Mikhail Matveev, is a significant threat actor in the cybercrime landscape. Known for his affiliations with multiple ransomware groups, including LockBit, throughout 2020 and 2021, he became a central figure in the Babuk ransomware-as-a-service gang. Matveev's oper
M1x
3
M1x, also known as Wazawaka, Boriselcin, and Uhodiransomwar, is a threat actor identified as Mikhail Pavlovich Matveev. This individual has been allegedly involved in malicious cyber activities since at least 2020. Matveev's primary mode of operation involves the deployment of ransomware, specifical
Boriselcin
3
Mikhail Pavlovich Matveev, also known as Boriselcin, is a threat actor that has been implicated in significant cybercrime activities. Beginning at least as early as 2020, Matveev has been allegedly involved in deploying three ransomware variants: LockBit, Babuk, and Hive. These attacks targeted vari
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Ransom
Russia
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
IDTypeVotesProfile Description
LockbitUnspecified
4
LockBit is a malicious software, or malware, that has been notably active and damaging in the cyber world. Known for its ability to infiltrate systems often without detection, it can steal personal information, disrupt operations, and even hold data hostage for ransom. In the first half of 2024, Loc
BabukUnspecified
2
Babuk is a type of malware, specifically ransomware, that infiltrates systems to encrypt files and hold them for ransom. This malicious software can infect your system through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can disrupt operations by enc
HiveUnspecified
2
Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
IDTypeVotesProfile Description
Hive RansomwareUnspecified
3
Hive ransomware, a notorious threat actor, emerged as one of the most prolific groups in 2022, executing a series of cyberattacks with malicious intent. This group was responsible for numerous ransomware attacks, causing significant disruptions and damage across various sectors. However, in January
VasilievUnspecified
2
Mikhail Vasiliev, a dual Russian-Canadian national, was identified as a key player in the global LockBit ransomware conspiracy. Alongside other members including Ruslan Magomedovich Astamirov, Mikhail Pavlovich Matveev, and alleged developers Sungatov and Kondratyev, Vasiliev was involved in the dev
Source Document References
Information about the Mikhail Pavlovich Matveev Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
7 months ago
US charges two Russian nationals in LockBit ransomware case amid global crackdown
Securityaffairs
2 months ago
Russian nationals plead guilty to participating in the LockBit ransomware group
Securityaffairs
2 months ago
Russian nationals plead guilty to participating in the LockBit ransomware group
CERT-EU
a year ago
US Offers $10m Reward For Alleged Prolific Ransomware Actor
Securityaffairs
a year ago
A Russian national charged for committing LockBit Ransomware attacks
CERT-EU
9 months ago
Behind the Scenes of Matveev's Ransomware Empire: Tactics and Team
CERT-EU
a year ago
Feds charge, sanction alleged Russian ransomware criminal
Flashpoint
a year ago
COURT DOC: Ransomware Charges Unsealed Against Russian National
CERT-EU
a year ago
Law enforcement agencies cracking down on cyber criminals
Flashpoint
7 months ago
COURT DOC: U.S. and U.K. Disrupt LockBit Ransomware Variant
CERT-EU
7 months ago
Law enforcement leaves taunting post for cyber criminals after locking notorious ransomware gang out of their own website | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU
7 months ago
U.S. And United Kingdom Disrupt Prolific 'Lockbit' Cybercrime Gang: DOJ | #cybercrime | #infosec | National Cyber Security Consulting
CERT-EU
7 months ago
U.S. and U.K. Disrupt LockBit Ransomware Variant – Dailyfly | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU
7 months ago
Major ransomware site taken down in international law enforcement sting | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU
7 months ago
Police arrest LockBit ransomware members, release decryptor in global crackdown
CERT-EU
7 months ago
International policing operation disrupts LockBit ransomware gang - TechCentral.ie
CERT-EU
a year ago
District of New Jersey | Russian National Charged with Ransomware Attacks Against Critical Infrastructure | #ransomware | #cybercrime | National Cyber Security Consulting
CSO Online
a year ago
Russian national indicted for ransomware attacks against the US
CERT-EU
a year ago
The Good, the Bad and the Ugly in Cybersecurity – Week 20 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware – National Cyber Security Consulting
CERT-EU
a year ago
$10M Reward For Arrest Of Russian Hacker