www.securityweek.com
172.67.97.169  Public Scan

Submitted URL: https://communications.h-isac.org/e/1025843/-his-head-reportedly-arrested-/3fqds/343104419/h/WqLIyqGHP15GQvYmxJxkX31PwBT5g8NWbUXhn...
Effective URL: https://www.securityweek.com/russian-hacker-with-10-million-bounty-on-his-head-reportedly-arrested/
Submission: On December 05 via api from US — Scanned from CA

Form analysis 4 forms found in the DOM

GET https://www.securityweek.com/

<form method="get" id="zox-search-form" action="https://www.securityweek.com/">
  <input type="text" name="s" id="zox-search-input" value="Search" onfocus="if (!window.__cfRLUnblockHandlers) return false; if (this.value == &quot;Search&quot;) { this.value = &quot;&quot;; }"
    onblur="if (!window.__cfRLUnblockHandlers) return false; if (this.value == &quot;Search&quot;) { this.value = &quot;&quot;; }">
  <input type="submit" id="zox-search-submit" value="Search">
</form>

Name: ccoptin
POST https://visitor.constantcontact.com/d.jsp

<form class="sw-newsletter-cc" style="" method="post" target="_blank" action="https://visitor.constantcontact.com/d.jsp" name="ccoptin">
  <input type="hidden" value="1102592012458" name="m">
  <input type="hidden" value="oi" name="p">
  <div class="form-item">
    <input type="text" class="form-text required" value="" placeholder="Business Email Address..." size="60" name="ea" maxlength="128">
    <input type="submit" class="submit" value="Subscribe" name="go">
  </div>
</form>

Name: ccoptin
POST https://visitor.constantcontact.com/d.jsp

<form class="sw-newsletter-cc" style="" method="post" target="_blank" action="https://visitor.constantcontact.com/d.jsp" name="ccoptin">
  <input type="hidden" value="1102592012458" name="m">
  <input type="hidden" value="oi" name="p">
  <div class="form-item">
    <input type="text" class="form-text required" value="" placeholder="Business Email Address..." size="60" name="ea" maxlength="128">
    <input type="submit" class="submit" value="Subscribe" name="go">
  </div>
</form>

Name: ccoptin
POST https://visitor.constantcontact.com/d.jsp

<form class="sw-newsletter-cc" method="post" target="_blank" action="https://visitor.constantcontact.com/d.jsp" name="ccoptin">
  <input type="hidden" value="1102592012458" name="m">
  <input type="hidden" value="oi" name="p">
  <div class="form-item">
    <input type="text" name="ea" maxlength="128" placeholder="Business Email Address..." class="form-text required" required="">
    <input type="submit" class="submit" value="Subscribe" name="go">
  </div>
</form>

Text Content

CYBERCRIME


RUSSIAN HACKER WITH $10 MILLION BOUNTY ON HIS HEAD REPORTEDLY ARRESTED

Russian authorities have reportedly arrested Mikhail Matveev, who is wanted by
the US for ransomware attacks against critical infrastructure.

By Eduard Kovacs

December 2, 2024
   
   
Russian authorities have reportedly arrested Mikhail Pavlovich Matveev, a
32-year-old man from Russia who is wanted by the United States over his alleged
role in ransomware attacks.

Russian state-owned news agency RIA Novosti reported last week that local
prosecutors had announced charges against a man accused of creating a malicious
program, specifically one designed to encrypt the data of commercial
organizations. 

RIA Novosti learned from sources that the suspect is Mikhail Pavlovich Matveev
[Russian language article].

Matveev has been known online as Wazawaka, m1x, Boriselcin, and Uhodiransomwar.
Cybersecurity blogger Brian Krebs revealed that Wazawaka was Matveev in early
2022, which the man later confirmed to be accurate.

The FBI added him to its most wanted list in May 2023. The US Justice Department
at the time announced charges against Matveev over his alleged role in LockBit,
Hive and Babuk ransomware attacks. 

He is believed to have been involved in ransomware attacks aimed at thousands of
entities in the US and elsewhere, including critical infrastructure
organizations such as hospitals, airlines, and government organizations.  

Also in May 2023, the US Treasury Department announced sanctions against the
Russian national and the Department of State announced a bounty of up to $10
million for information leading to Matveev’s arrest.

It appears that the Russian government has started cracking down on local
cybercriminals. A Russian news agency reported last month that a court had
sentenced four members of the REvil ransomware group to prison.

Related: Russian National Arrested, Charged in US Over Role in LockBit
Ransomware Attacks

Related: US Announces Charges, Sanctions Against Russian Administrator of
Carding Website

Related: Russian Phobos Ransomware Operator Extradited to US

Related: Russia Arrests 96 People Tied to US-Disrupted Cryptocurrency Exchanges

Written By Eduard Kovacs

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as
a high school IT teacher for two years before starting a career in journalism as
Softpedia’s security news reporter. Eduard holds a bachelor’s degree in
industrial informatics and a master’s degree in computer techniques applied in
electrical engineering.





Copyright © 2024 SecurityWeek ®, a Wired Business Media Publication. All Rights
Reserved.




