Tuesday, May 16, 2023 – Earlier today, the United States Attorney’s Office made an important announcement regarding charges related to the 2021 ransomware attack on the Metropolitan Police Department (MPD). Thanks to a nearly two-year-long investigation led by the FBI, in collaboration with the MPD, authorities were able to identify the hacker responsible for the ransomware attack and ensure they are held accountable for their actions.
Metropolitan Police Chief Robert J. Contee III expressed his gratitude for the extensive efforts put forth by the FBI and their unwavering partnership with the MPD. Chief Contee highlighted the global nature of the investigation, which spanned multiple continents, and emphasized the crucial role played by federal agencies in navigating complex and challenging cases. He extended his sincere thanks to both the FBI and the United States Attorney’s Office for their consistent support throughout this investigation.
This week, an indictment was unsealed in the District of Columbia, charging a Russian national, Mikhail Pavlovich Matveev, with participating in a global ransomware campaign that targeted victims in the District of Columbia, the United States, and worldwide. Matveev, known by online aliases such as Wazawaka, m1x, Broriscelcin, and Uhodiransomwar, is alleged to have engaged in intentional damage to a protected computer and threats relating to a protected computer.
U.S. Attorney for the District of Columbia, Matthew M. Graves, and Special Agent in Charge James Dennehy of the FBI’s Newark Field Office, announced the charges.
U.S. Attorney Graves emphasized the destructive nature of data theft and extortion attempts by ransomware groups, highlighting the impact on key institutions and individuals serving the public. He affirmed the commitment to use all available resources to prosecute and punish such offenses, targeting law enforcement agencies, government entities, and private companies like healthcare providers. The identification and charging of Matveev were made possible through exceptional work by law enforcement partners.
SAC Dennehy emphasized the alarm that the indictment, sanctions, and reward for Mikhail Matveev should sound in the cybercriminal community worldwide. He warned malicious actors that the FBI, along with its domestic and international partners, is actively pursuing them. While these criminals may currently feel safe and protected, the FBI’s resolve to bring them to justice remains unwavering.
According to the indictment, Matveev was an active member of Babuk, a global ransomware campaign that posed a significant cybercriminal threat. On April 26, 2021, the Babuk conspirators targeted the Metropolitan Police Department (MPD) in Washington, D.C. with Babuk ransomware. They subsequently threatened to disclose sensitive information unless a payment was made. Matveev’s involvement in the ransomware conspiracy included intentionally infecting MPD’s computer systems with Babuk ransomware, stealing data, and attempting to extort the department. These actions resulted in losses of at least $5,000 to MPD.
Matveev also faces a series of related charges in an indictment filed in the District of New Jersey.
The charges filed in connection with the ransomware attack on the Metropolitan Police Department mark a significant step towards achieving justice and upholding the security of the department’s digital infrastructure. The collaborative efforts between the MPD and federal partners have once again demonstrated the importance of cooperation in combating cybercrime and protecting the community.