An alleged developer behind the notorious LockBit ransomware gang has been extradited from Israel to the United States, where he now faces multiple charges related to cyber extortion and computer damage.
According to the U.S. Department of Justice (DOJ), 51-year-old dual Russian-Israeli national Rostislav Panev was arrested in Israel in August 2024 and has now been brought to the District of New Jersey to face prosecution.
“Rostislav Panev’s extradition to the District of New Jersey makes it clear: if you are a member of the LockBit ransomware conspiracy, the United States will find you and bring you to justice,” said U.S. Attorney John Giordano.
Panev made his first appearance before U.S. Magistrate Judge André Espinosa in Newark, New Jersey, on Thursday, where he was charged with 40 counts related to cybercrime, extortion, and financial fraud.
LockBit’s Global Ransomware Operation
The DOJ has been pursuing Panev since December 2024, after unsealing a criminal complaint that accused him of serving as a core developer for LockBit ransomware from 2019 to at least February 2024.
Authorities claim Panev was instrumental in helping LockBit become one of the most destructive ransomware groups in the world, with attacks on over 2,500 victims across 120 countries.
Among these, at least 1,800 U.S.-based organizations were hit, including:
- Schools
- Hospitals
- Local governments
- Businesses and multinational corporations
LockBit affiliates extorted an estimated $500 million in ransom payments before a massive international law enforcement takedown in February 2024 severely disrupted the group’s operations.
Inside the LockBit Ransomware Network
The DOJ’s investigation reveals that LockBit operated with a structured hierarchy:
- Affiliates launched ransomware attacks and negotiated ransom payments.
- Developers like Panev created the malware, managed the operation’s infrastructure, and ensured its continued effectiveness.
Both groups profited by splitting ransom earnings, making LockBit one of the most profitable ransomware-as-a-service (RaaS) networks in cybercrime history.
When Israeli authorities arrested Panev, they discovered credentials linking him to an online repository on the dark web—a storage site containing source code for multiple versions of the LockBit builder. This software allowed affiliates to generate customized versions of LockBit ransomware tailored for specific targets.
Investigators also found various hacking tools in his possession, including:
- Data exfiltration software used to steal victim data.
- Operational control panels for managing ransomware infections.
- Cryptocurrency wallets tied to LockBit’s ransom payments.
Connections to LockBit’s Suspected Leader
Panev is also accused of directly communicating with LockBit’s primary administrator, Dimitry Yuryevich Khoroshev, known in cybercriminal circles as LockBitSupp.
The U.S. State Department has placed a $10 million bounty on Khoroshev’s whereabouts, as he remains at large.
Court records further reveal that between June 2022 and February 2024, Khoroshev allegedly sent monthly cryptocurrency payments of approximately $10,000 to Panev. These funds, laundered through illicit crypto-mixing services, totaled over $230,000 during that period.
International Takedown of LockBit
LockBit suffered a major setback in February 2024 when the U.K. National Crime Agency (NCA), along with U.S. law enforcement and other global partners, dismantled the group’s front-facing websites and seized key infrastructure.
The District of New Jersey has since charged seven LockBit members, including:
- Mikhail Vasiliev – Pleaded guilty in 2024.
- Ruslan Astamirov – Also pleaded guilty in 2024.
- Mikhail Matveev (aka Wazawaka) – Indicted in May 2023, arrested in Russia in December 2024.
- Artur Sungatov & Ivan Kondratyev – Still at large.
- Aleksandr Ryzhenkov – Allegedly linked to Evil Corp, another infamous cybercrime syndicate.
The U.S. has issued $10 million bounties for information leading to Matveev’s arrest and other key LockBit members.
A Decryptor for LockBit’s Victims
With LockBit’s infrastructure disrupted, law enforcement has developed a decryptor that can restore files encrypted by LockBit ransomware.
Authorities are now urging all past victims of LockBit to come forward for assistance.
“No one is safe from ransomware attacks, from individuals to institutions. Along with our international partners, the FBI continues to leave no stone unturned when it comes to following LockBit’s trail of destruction,” said Acting Special Agent in Charge Terence Reilly of the FBI’s Newark Division.
“We will continue to work tirelessly to prevent actors like Panev from hacking their way to financial gain.”
Help us bring real change! Corporate lobbying has corrupted our system for too long, and it’s time to take action. Please sign and share this petition—your support is crucial in restoring accountability to our government. Every signature counts! Thank you!
https://www.ipetitions.com/petition/restore-our-republic-end-lobbying
Support truth, health, and preparedness by shopping the Alex Jones Store through our link. Every purchase helps sustain independent voices and earns us a 10% share to fuel our mission. Shop now and make a difference!
https://thealexjonesstore.com?sca_ref=7730615.EU54Mw6oyLATer7a
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
