US Offers $10 Million Bounty for Information on LockBit Hacker: 31-Year-Old Russian Citizen Khoroshev

Earlier, the International Criminal Police Organization took enforcement action against the notorious ransomware LockBit, but it only shut down its data leak site on the dark web, without causing any significant damage to LockBit's underlying infrastructure.

LockBit operates using a Ransomware-as-a-Service (RaaS) model, where the main developer and administrator, 31-year-old Russian citizen Dmitry Yuryevich Khoroshev, is responsible for maintaining the platform. Other hackers can subscribe to LockBit and launch attacks, and after receiving ransom payments from victims, Khoroshev splits the profits with his accomplices.

The revenue-sharing ratio among hackers is 2:8, with Khoroshev taking 20% of the ransom payments and the remaining 80% going to the hackers who actually launched the attacks.

Investigations have revealed that Khoroshev has been involved with LockBit since its inception in 2019, and over the years, LockBit has affected over 2,500 victims in more than 120 countries, with Khoroshev and his accomplices collecting over $500 million in ransom payments.

Notably, the LockBit data leak site, which was taken down by British and US law enforcement agencies in February, has already been restored. Khoroshev claims that if victims pay the ransom, the stolen data will be deleted and not leaked online.

However, in reality, Khoroshev has not kept his promise, and even after victims pay the ransom, the data is still retained, with some of it potentially being sold to other hackers.

After a long investigation, law enforcement agencies have identified Khoroshev as the mastermind behind LockBit, a 31-year-old Russian citizen whose current whereabouts are unknown. The US is offering a $10 million bounty for information leading to Khoroshev's capture.

Khoroshev faces 26 charges, including conspiracy to commit fraud and extortion, with a maximum sentence of 185 years if convicted.