LockBit Ransomware Engineer Sent to the U.S. to Face Criminal Accusations

• Rostislav Panev, engineer at LockBit, has been sent to the United States to face charges for allegedly developing ransomware for the LockBit group. 
• Authorities have encouraged victims to submit reports for their experience on the crime, promising and also promising a $10 million reward for information leading to Khoroshev’s arrest or conviction.

LockBit Engineer Rostislav Panev, a man with Russian and Israeli citizenship, has been extradited to the United States for allegedly developing ransomware for the LockBit group.

Authorities arrested him in Israel in 2023

Following a request from the U.S., he appeared before a U.S. judge on March 14 and has remained in custody while awaiting trial. Prosecutors claim he worked with LockBit from 2019 to early 2024; during this time, he programmed a virus that attacked over 2,500 targets across 120 nations, including 1,800 persons in America. 

The victims of this hack included individuals, small businesses, corporations, hospitals, schools, and critical infrastructure. The cybercriminals stole at least $500 million and also caused a lot of financial damage to Lockbit. 

During the investigation, administrator credentials were found on Panev’s device, which granted them access to a dark web repository that contained different versions of the ransomware’s source code.

Court records claim that Panev communicated with LockBit’s main operator, Dmitry Yuryevich Khoroshev, through a cybercriminal forum they created to discuss tasks related to the ransomware’s builder and other control panel. Some other documents showed that between mid-2022 and early 2024, Khoroshev sent him multiple cryptocurrency payments of more than $230,000. 

After his arrest in Israel, Panev admitted to actually doing different programming-related tasks for LockBit, like software development and consulting. He also confirmed receiving payments matching the flagged payments by the U.S. authorities. One of the major projects he worked on involved writing code to help disable security programs and spread infections across various networks. 

Additionally, he developed other harmful programs and gave technical advice to the group. LockBit operated with affiliates who launched attacks and demanded money from victims. They also launched StealBit, a tool that was used to extract stolen information. As of the time of writing, seven members of LockBit have been charged in New Jersey, including Panev, Khoroshev, Mikhail Vasiliev, Ruslan Astamirov. 

Support for LockBit Malware Victims and The Reward for Information

The people who were affected by LockBit attacks are urged to report every detail to the FBI through www.ic3.gov, as the authorities have helped to develop tools that may help restore some encrypted files, and submitting reports will assist in determining if this recovery is possible.

Additionally, the U.S. Department of State is offering up to $10 million as a reward to anyone who would bring information about Khoroshev’s capture or conviction, and many similar rewards are available for bringing in other high-ranking LockBit members.

Related Reading | XRP’s Dominance Surge: Could This Be the Start of a Massive Crypto Breakout?