US charges developer in LockBit group, paid in crypto

The US Department of Justice has charged Rostislav Panev, a dual citizen of Russia and Israel, for his alleged involvement with the LockBit ransomware group.

Panev, 51, is accused of working as a developer for the group and earning more than $230,000 in cryptocurrency for his contributions. Panev, who was arrested in Israel in August, is currently awaiting extradition to the United States to face charges.

LockBit is a notorious ransomware group known to target entities around the world, including major companies like Boeing, financial institutions like the Industrial and Commercial Bank of China, and government services like the Royal Mail in the United Kingdom, according to Bloomberg.

Ransomware attacks often involve encrypting victims’ data and demanding cryptocurrency payments to restore access.

Telegram and crypto connections

It was reported that Panev communicated with LockBit members using the encrypted messaging application Telegram, which is widely preferred in cybercrime circles due to its privacy features. Telegram is frequently used in the cybercrime world for its privacy features. According to defense attorney Sharon Nahari, Panev was a software developer who was unaware of the malicious intent behind the tools he created.

It was reported that Panev cooperated with law enforcement agencies and provided information about his activities.

Authorities allege his work included developing malware to disable antivirus systems, distributing ransomware, and printing ransom notes on affected networks.

Payments to Panev were allegedly laundered through cryptocurrency mixing services, a common tactic in ransomware operations to hide transaction trails.

LockBit has caused billions of dollars in losses worldwide since its emergence in 2019. The group extorted at least $500 million from more than 2,500 victims in 120 countries. Its operations rely on developers like Panev to create malware and affiliates to carry out attacks.

In February, authorities in the US and UK disrupted LockBit’s infrastructure, seizing websites, servers and decryption keys, significantly disrupting the group’s operations. Despite these efforts, LockBit remains active and Panev’s arrest is the latest step in ongoing investigative efforts.

LockBit’s alleged leader, Dmitry Khoroshev, remains at large. The US government offered a reward of $10 million for information leading to his capture.