{"id":6717,"date":"2024-12-20T12:43:44","date_gmt":"2024-12-20T18:43:44","guid":{"rendered":"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/lockbit-ransomware-developer-arrested-israel"},"modified":"2024-12-20T12:43:44","modified_gmt":"2024-12-20T18:43:44","slug":"lockbit-ransomware-developer-arrested-in-israel","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/12\/20\/lockbit-ransomware-developer-arrested-in-israel\/","title":{"rendered":"LockBit Ransomware Developer Arrested in Israel"},"content":{"rendered":"<div class=\"media_block\"><a href=\"https:\/\/i0.wp.com\/eu-images.contentstack.com\/v3\/assets\/blt6d90778a997de1cd\/bltf1872081c3f2a0fe\/6765bc9ec5e3753c5855f196\/men_with_hands_up_%281800%29_Peter_Werner_Alamy.jpg?ssl=1\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?w=640&#038;ssl=1\" class=\"media_thumbnail\"><\/a><\/div>\n<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">NEWS BRIEF<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">A newly unsealed criminal complaint by US law enforcement shows they have been working to dismantle the LockBit ransomware-as-a-service group for several years, including a previously undisclosed arrest of one of the operation&#8217;s lead developers in Israel last August.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Rostislav Panev, a 51-year-old with dual Russian-Israeli citizenship, is facing extradition to the US to face charges along with two others accused of similarly working for <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/threat-intelligence\/lockbit-ransomware-takedown-strikes-brand-viability\">LockBit<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">, not just to develop the ransomware itself but also tools used by affiliates. For his part, Panev is accused of working on <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/endpoint-security\/lockbit-3-0-variant-generates-custom-self-propagating-malware\">LockBit ransomware<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> from its beginnings in 2019, eventually creating one of the most prolific ransomware operations in the world, according to the Justice Department&#8217;s statement about the arrest.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Panev, according to the Justice Department, at the time of his arrest had admin credentials for LockBit&#8217;s Dark Web online repository with the ransomware&#8217;s source code, as well as the source code for an affiliate tool called &#8220;StealBit&#8221; used to exfiltrate stolen data. His laptop also had he access credentials for the LockBit control panel used by affiliates. The Justice Department&#8217;s <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.justice.gov\/opa\/pr\/united-states-charges-dual-russian-and-israeli-national-developer-lockbit-ransomware-group\">statement<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> adds that Panev confessed to his role in the <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/threat-intelligence\/lockbit-associates-arrested-evil-corp-bigwig-outed\">LockBit ransomware<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> operation.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&#8220;The Justice Department\u2019s work going after the world\u2019s most dangerous ransomware schemes includes not only dismantling networks, but also finding and bringing to justice the individuals responsible for building and running them,&#8221; Attorney General Merrick Garland said in a statement about the arrests. &#8220;Three of the individuals who we allege are responsible for LockBit\u2019s cyberattacks against thousands of victims are now in custody, and we will continue to work alongside our partners to hold accountable all those who lead and enable ransomware attacks.&#8221;<\/span><\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/lockbit-ransomware-developer-arrested-israel\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>NEWS BRIEF A newly unsealed criminal complaint by US law<\/p>\n","protected":false},"author":12,"featured_media":6718,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-6717","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?fit=1800%2C1013&ssl=1",1800,1013,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?fit=1536%2C864&ssl=1",1536,864,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?fit=1800%2C1013&ssl=1",1800,1013,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/12\/lockbit-ransomware-developer-arrested-in-israel.jpg?fit=1800%2C1013&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6717","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=6717"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6717\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/6718"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=6717"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=6717"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=6717"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}