Uhodiransomwar

Threat Actor updated 25 days ago (2024-08-14T09:25:14.919Z)
Uhodiransomwar, also known as Mikhail Pavlovich Matveev, Wazawaka, m1x, and Boriselcin, is a significant threat actor in the cybersecurity landscape. A Russian national aged 30, Matveev has been implicated in a series of malicious cyber activities since at least 2020. He is alleged to have participated in conspiracies to deploy multiple ransomware variants, including LockBit, Babuk, and Hive, with his actions resulting in substantial harm to various entities throughout the United States. In May 2023, two indictments were unsealed in Washington, D.C., and the District of New Jersey, charging Matveev with using these ransomware variants to attack numerous victims. Notably, his targets included law enforcement and other government agencies, hospitals, and schools, indicating a wide-ranging and indiscriminate strategy. Among the victims was the Washington, D.C., Metropolitan Police Department, underscoring the severity of his attacks. The US Justice Department subsequently charged Matveev for his alleged role in these multiple ransomware attacks. The charges include conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. In response to his actions, the US government has imposed cyber-related sanctions on Matveev, reflecting the seriousness of his offenses and the ongoing efforts to deter such harmful activities.
Description last updated: 2024-08-14T09:10:42.493Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Mikhail Pavlovich Matveev
4
Mikhail Pavlovich Matveev, a Russian national also known by the online monikers Wazawaka, m1x, Boriselcin, and Uhodiransomwar, is identified as a significant threat actor in the global cybersecurity landscape. He is one of five Russians charged over Lockbit, considered to be the world's most dangero
Boriselcin
3
Mikhail Pavlovich Matveev, also known as Boriselcin, is a threat actor that has been implicated in significant cybercrime activities. Beginning at least as early as 2020, Matveev has been allegedly involved in deploying three ransomware variants: LockBit, Babuk, and Hive. These attacks targeted vari
Wazawaka
3
Wazawaka, identified by the FBI as Mikhail Matveev, is a significant threat actor in the cybercrime landscape. Known for his affiliations with multiple ransomware groups, including LockBit, throughout 2020 and 2021, he became a central figure in the Babuk ransomware-as-a-service gang. Matveev's oper
M1x
3
M1x, also known as Wazawaka, Boriselcin, and Uhodiransomwar, is a threat actor identified as Mikhail Pavlovich Matveev. This individual has been allegedly involved in malicious cyber activities since at least 2020. Matveev's primary mode of operation involves the deployment of ransomware, specifical
Mikhail Matveev
2
Mikhail Matveev, also known by his online pseudonyms "Wazawaka," "m1x," "Boriselcin," and "Uhodiransomwar," is a prominent figure in the cybercrime underworld with previous affiliations to LockBit ransomware. Identified as a 31-year-old from Abaza, Russia, Matveev was initially exposed by KrebsOnSec
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Ransom
Russia
XSS (Cross S...
Associated Malware
ID | Type | Votes | Profile Description
Lockbit | Unspecified
4
LockBit is a malicious software, or malware, that has been notably active and damaging in the cyber world. Known for its ability to infiltrate systems often without detection, it can steal personal information, disrupt operations, and even hold data hostage for ransom. In the first half of 2024, Loc
Hive | Unspecified
2
Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated
Source Document References
Information about the Uhodiransomwar Threat Actor was read from the documents corpus below. This display is limited to 20 results.
Source Link | Created At | Title
Flashpoint
a month ago
COURT DOC: Two Foreign Nationals Plead Guilty to Participation in LockBit Ransomware Group
DARKReading
2 months ago
Two Foreign Nationals Plead Guilty to Participating in LockBit Ransomware Group
Securityaffairs
2 months ago
Russian nationals plead guilty to participating in the LockBit ransomware group
Flashpoint
4 months ago
COURT DOC: U.S. Charges Russian National with Developing and Operating LockBit Ransomware
CERT-EU
a year ago
US Offering $10M Reward for Russian Man Charged With Ransomware Attacks
CERT-EU
a year ago
District of New Jersey | Russian National Charged with Ransomware Attacks Against Critical Infrastructure | #ransomware | #cybercrime | National Cyber Security Consulting
CSO Online
a year ago
Russian national indicted for ransomware attacks against the US
CERT-EU
a year ago
Who wants to be a millionaire by giving a tip to FBI about this hacker?
CERT-EU
a year ago
The Good, the Bad and the Ugly in Cybersecurity – Week 20 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware – National Cyber Security Consulting
CERT-EU
a year ago
$10M Reward For Arrest Of Russian Hacker
Krebs on Security
a year ago
Russian Hacker “Wazawaka” Indicted for Ransomware
Flashpoint
a year ago
COURT DOC: Russian National Arrested and Charged with Conspiring to Commit LockBit Ransomware Attacks Against U.S. and Foreign Businesses
CERT-EU
a year ago
Help The DoJ Find This Russian Ransomware Hacker And You Could Score A $10M Bounty | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware – National Cyber Security Consulting
CERT-EU
a year ago
COURT DOC: Ransomware Charges Unsealed Against Russian National | #ransomware | #cybercrime – National Cyber Security Consulting
CERT-EU
a year ago
Russian man charged in ransomware attack on D.C. police | #ransomware | #cybercrime – National Cyber Security Consulting
CERT-EU
a year ago
Russian national charged with ransomware attacks against critical infrastructure
CERT-EU
a year ago
Russian Hacker “Wazawaka” Indicted for Ransomware - GIXtools
Flashpoint
a year ago
COURT DOC: Ransomware Charges Unsealed Against Russian National
Securityaffairs
a year ago
A Russian national charged for committing LockBit Ransomware attacks