The United States, U.K., and Australia sanctioned and charged Russian man Dmitry Yuryevich Khoroshev as the LockBit ransomware group leader. Khoroshev faced allegations of extortion and wire fraud, allegedly extracting over $100 million. The U.S. Treasury disclosed his personal information, unveiling his alter egos on cybercrime forums. Additionally, Khoroshev’s previous activities as NeroWolfe fueled suspicions that he transitioned to the alias Putinkrab, developing a custom ransomware strain. The intricate connections between these identities and their involvement in sophisticated ransomware operations suggest extensive experience in the field. The government’s thorough investigation into Khoroshev’s financial activities further emphasizes the pursuit of tracing illicit funds in cybercrime operations.
https://krebsonsecurity.com/2024/05/how-did-authorities-identify-the-alleged-lockbit-boss/