The person at the center of this case
United States and international businesses, critical infrastructure, and law enforcement agencies (victims of ransomware attacks)
Justice for United States and international businesses, critical infrastructure, and law enforcement agencies (victims of ransomware attacks) — the trail went cold in 2022, but the truth hasn't.
Start here
What is Matveev's current location and operational status within Russia's cybercriminal infrastructure?
How can attribution be strengthened for specific Lockbit, Babuk, and Hive attacks to individual actors?
Why does Matveev maintain ties to both Kaliningrad and St. Petersburg, and what operational purpose do these locations serve?
Mikhail Pavlovich Matveev, a Russian national, is a prolific ransomware affiliate allegedly responsible for major cyberattacks against U.S. and international targets, including critical infrastructure and law enforcement agencies. He is linked to Lockbit, Babuk, and Hive ransomware variants and has conducted attacks on the Washington D.C. Metropolitan Police Department, New Jersey police departments, and numerous businesses. Federal warrants were issued in December 2022 following charges in Washington D.C. and New Jersey; Matveev remains at large with known ties to Kaliningrad and St. Petersburg, Russia.
Beyond the top three above — each detail below could be the thread that pulls this case open.
What was the significance of Matveev's previous travel to Thailand, and does it indicate international operational networks?
Who are Matveev's known associates and collaborators within the ransomware affiliate ecosystem?
Even the smallest detail could be the key to solving this case.
Official wording
Computer Intrusion; Conspiracy; Intentional Damage to a Protected Computer; Threats Relating to a Protected Computer; Aiding and Abetting
Caution: Mikhail Pavlovich Matveev, a Russian National, is allegedly a prolific ransomware affiliate currently based in Russia. Matveev has been linked to numerous ransomware variants including Lockbit, Babuk, and Hive.
He has allegedly conducted significant attacks against both United States and worldwide businesses, including critical infrastructure. Matveev has also been identified as one of the alleged developers/administrators behind the Babuk ransomware variant.
Matveev has been charged with multiple Lockbit attacks to include a police department located within New Jersey. He has also been charged with multiple Babuk attacks to include the attack against the Washington D.C. Metropolitan Police Department.
In addition, Matveev has been charged with Hive-related counts of conspiracy and intentional damage to a protected computer, including an attack against a New Jersey-based company.
On December 6, 2022, Matveev was charged with Intentional Damage to a Protected Computer; Threats Relating to a Protected Computer; and Aiding and Abetting in the United States District Court for the District of Columbia, Washington, D.C., and a federal warrant was issued for his arrest. On December 8, 2022, Matveev was charged with Computer Intrusion and Conspiracy in the United States District Court for the District of New Jersey, Newark, New Jersey, and a federal warrant was issued for his arrest.
Remarks: Matveev has ties to both Kaliningrad, Russia, and St. Petersburg, Russia, and is known to travel between the two locations.
In addition, Matveev has previously traveled to Thailand.
Charged with Intentional Damage to a Protected Computer, Threats Relating to a Protected Computer, and Aiding and Abetting in the U.S. District Court for the District of Columbia; federal warrant issued
Charged with Computer Intrusion and Conspiracy in the U.S. District Court for the District of New Jersey, Newark; federal warrant issued