Cybersecurity
Samuel E
May 8, 2024
The UK, US, and Australia have unveiled the identity of Dmitry Khoroshev, a Russian national and the mastermind behind the previously notorious LockBit ransomware group, following a coordinated international disruption campaign led by the National Crime Agency (NCA).
Khoroshev, also known by his alias LockBitSupp, who had operated under a veil of anonymity and had placed a $10 million bounty for anyone revealing his identity, now faces sanctions imposed by the UK's Foreign, Commonwealth & Development Office (FCDO), in collaboration with the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) and the Australian Department of Foreign Affairs.
These sanctions entail asset freezes and travel prohibitions. Additionally, the US has unsealed a federal indictment against Khoroshev and is offering a reward of up to $10 million for information that leads to his arrest or conviction
After the identity reveal of Khoroshev, IntelEye's Intelligence Research team collected multiple different PIIs and other intelligence data. This investigation aims to help to appropriate authorities such asFederal Bureau of Investigation (FBI)FBI Cyber Division.
Initially, OFAC only collected a limited amount of data on the asset, hence the 10M$ reward for any information leading to his arrest. The posted details were as follows:
Using IntelEye's intelligence capabilities, our team was able to gathering the following data:
Owned e-mails
Owned Phone Numbers
Related Addresses
Social Accounts
Aliases/Usernames
Used IP Addresses
Additionally his phone number [+79521020220] was saved under the following names:
Names used to save Dimitri's phone number
Names used to save Dimitri's phone number
With the newly collected PIIs, the research team discovered additional Social Media accounts belonging to LockBitSupp. Here is a sample:
VK Account
Twitter Account
YouTube Account
Drupal Account