Uhodiransomwar

Threat Actor updated a month ago (2024-11-29T14:17:36.362Z)
Uhodiransomwar, also known as Mikhail Pavlovich Matveev, Wazawaka, m1x, and Boriselcin, is a significant threat actor in the cybersecurity landscape. A Russian national aged 30, Matveev has been implicated in a series of malicious cyber activities since at least 2020. He is alleged to have participated in conspiracies to deploy multiple ransomware variants, including LockBit, Babuk, and Hive, with his actions resulting in substantial harm to various entities throughout the United States. In May 2023, two indictments were unsealed in Washington, D.C., and the District of New Jersey, charging Matveev with using these ransomware variants to attack numerous victims. Notably, his targets included law enforcement and other government agencies, hospitals, and schools, indicating a wide-ranging and indiscriminate strategy. Among the victims was the Washington, D.C., Metropolitan Police Department, underscoring the severity of his attacks. The US Justice Department subsequently charged Matveev for his alleged role in these multiple ransomware attacks. The charges include conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. In response to his actions, the US government has imposed cyber-related sanctions on Matveev, reflecting the seriousness of his offenses and the ongoing efforts to deter such harmful activities.
Description last updated: 2024-08-14T09:10:42.493Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| Alias Description | Votes |
| --- | --- |
| Mikhail Pavlovich Matveev is a possible alias for Uhodiransomwar. Mikhail Pavlovich Matveev, a Russian national also known by online monikers Wazawaka, m1x, Boriselcin, and Uhodiransomwar, has been identified as a major threat actor in the world of cybersecurity. Matveev is among five Russians charged in connection with Lockbit, a group widely recognized as one of | 4 |
| Boriselcin is a possible alias for Uhodiransomwar. Mikhail Pavlovich Matveev, also known as Boriselcin, is a threat actor that has been implicated in significant cybercrime activities. Beginning at least as early as 2020, Matveev has been allegedly involved in deploying three ransomware variants: LockBit, Babuk, and Hive. These attacks targeted vari | 3 |
| Wazawaka is a possible alias for Uhodiransomwar. Wazawaka, identified by the FBI as Mikhail Matveev, is a significant threat actor in the cybercrime landscape. Known for his affiliations with multiple ransomware groups, including LockBit, throughout 2020 and 2021, he became a central figure in the Babuk ransomware-as-a-service gang. Matveev's oper | 3 |
| M1x is a possible alias for Uhodiransomwar. M1x, also known as Wazawaka, Boriselcin, and Uhodiransomwar, is a threat actor identified as Mikhail Pavlovich Matveev. This individual has been allegedly involved in malicious cyber activities since at least 2020. Matveev's primary mode of operation involves the deployment of ransomware, specifical | 3 |
| Mikhail Matveev is a possible alias for Uhodiransomwar. Mikhail Matveev, also known by the aliases Wazawaka, m1x, Boriselcin, and Uhodiransomwar, is a prominent threat actor associated with significant cybercrime activities. His involvement in the cybercrime world was traced back to 2020 and 2021 when he was identified as an affiliate of LockBit, a notor | 2 |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Ransom
Russia
XSS (Cross S...
Associated Malware
| Alias Description | Association Type | Votes |
| --- | --- | --- |
| The Lockbit Malware is associated with Uhodiransomwar. LockBit is a prominent ransomware-as-a-service (RaaS) malware that has been involved in numerous cyberattacks, demonstrating its staying power and adaptability. The malware, which can infiltrate systems through suspicious downloads, emails, or websites, is designed to exploit and damage computers or | Unspecified | 4 |
| The Hive Malware is associated with Uhodiransomwar. Hive is a form of malware, specifically ransomware, designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Hive can steal personal information, disrupt operations, or hold data hostag | Unspecified | 2 |
Source Document References
Information about the Uhodiransomwar Threat Actor was read from the documents corpus below. This display is limited to 20 results.
| Source | CreatedAt |
| --- | --- |
| Flashpoint | 5 months ago |
| DARKReading | 5 months ago |
| Securityaffairs | 5 months ago |
| Securityaffairs | 5 months ago |
| Flashpoint | 8 months ago |
| CERT-EU | 2 years ago |
| CERT-EU | a year ago |
| CSO Online | 2 years ago |
| CERT-EU | 2 years ago |
| CERT-EU | 2 years ago |
| CERT-EU | 2 years ago |
| Krebs on Security | 2 years ago |
| Flashpoint | 2 years ago |
| CERT-EU | 2 years ago |
| CERT-EU | 2 years ago |
| CERT-EU | 2 years ago |
| CERT-EU | 2 years ago |
| CERT-EU | 2 years ago |
| Flashpoint | 2 years ago |
| Securityaffairs | 2 years ago |