A dual Russian-Israeli national, Rastislav Panev, has been arrested in Israel and will soon face extradition to the United States for his alleged role in developing the notorious Lock Bit ransomware. Authorities claim the arrest marks a significant blow to the global ransomware operation.
Rastislav Panev, a 51-year-old man holding dual Russian-Israeli citizenship, was arrested in Israel in August at the request of the United States Department of Justice (DoJ). Panev faces charges for allegedly developing the infamous Lock Bit ransomware, which is responsible for attacks on over 2,500 entities worldwide.
Panev is currently being held in Israel, awaiting extradition to the U.S. According to court documents, he was involved with the Lock Bit ransomware group since its inception in 2019, continuing his activities until February 2024, when authorities dismantled parts of the operation.
How Panev Operated
Panev is accused of developing malicious code for Lock Bit, maintaining the infrastructure, and providing technical guidance to the group. Evidence obtained by investigators includes credentials found on Panev’s computer, granting him access to repositories hosting Lock Bit source code and control panel credentials.
Additionally, Panev’s communications with Lock Bit’s main administrator, Dmitry Yuryevich Khoroshev, revealed his role in the operation. Khoroshev, identified as a Russian national, was previously charged by U.S. authorities. Investigators also discovered that Panev received payments amounting to $230,000 in cryptocurrency from Khoroshev between June 2022 and February 2024.
Ransomware’s Global Impact
The Lock Bit ransomware group has been linked to over 2,500 attacks across 120 countries, including 1,800 incidents in the United States alone. The group extorted more than $500 million in ransom payments, causing billions of dollars in damages. Law enforcement agencies worldwide view Panev’s arrest as a critical step in combating ransomware operations.
Charges and Future Actions
Panev admitted to developing code that disabled antivirus systems, deploying malware on victim networks, and creating ransom notes. His arrest follows a series of actions by the U.S. against members of the Lock Bit group, with rewards of up to $10 million offered for information leading to the capture of other operatives.
The Lock Bit operation has led to several arrests globally, including the sentencing of a Lock Bit affiliate in Canada earlier this year. Panev’s extradition to the U.S. is expected to shed more light on the group’s activities and could result in further legal actions against its members.
A Message to Cybercriminals
Authorities emphasize that the arrest demonstrates a global commitment to holding cybercriminals accountable. Panev’s capture is a testament to international collaboration in the fight against ransomware and cybercrime, sending a strong warning to those involved in such activities.
