Russian Hacker Attacked Mercer Nonprofit Healthcare Organization: Feds

MERCER COUNTY, NJ — A Russian national has been charged with using ransomware to attack a nonprofit healthcare organization in Mercer County, as well as other critical infrastructure in New Jersey and across the country, the Department of Justice said.

U.S. Attorney Philip R. Sellinger's office said Mikhail P. Matveev is implicated in other ransomware attacks against law enforcement agencies in New Jersey and Washington, D.C. and was "an active member of at least three different global ransomware conspiracies."

Matveev and his co-conspirators deployed ransomware called Hive against a nonprofit behavioral healthcare organization headquartered in Mercer County in on May 27, 2022, according to court documents.

Matveev is also accused of deploying several types of ransomware against police departments, hospitals, and schools in the United States. In total, officials said Matveev and his co-conspirators attacked as many as 2,800 people with the malware and demanded at least $400 million in ransom, garnering more than $200 million from various victims.

Since June 2021, the Hive ransomware group has targeted more than 1,400 victims around the world and received as much as $120 million in ransom payments, Sellinger said.

Matveev is charged with conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. The DOJ unsealed two indictments against him on Tuesday.

Matveev is not yet in custody. The Department of State announced up to a $10 million reward for Matveev's apprehension, and information may be submitted at tips.fbi.gov or RewardsForJustice.net. If convicted, he faces more than 20 years in prison.

Sellinger said that victims of ransomware attacks from LockBit, Babuk, Conti, or Hive "should contact their local FBI field office for further information."

“From Russia and hiding behind multiple aliases, Matveev is alleged to have used these ransomware strains to encrypt and hold hostage for ransom the data of numerous victims, including hospitals, schools, nonprofits, and law enforcement agencies, like the Metropolitan Police Department in Washington, D.C.,” said Sellinger.

"Thanks to the extraordinary investigative work of prosecutors from my office and our FBI partners, Matveev no longer hides in the shadows ­– we have publicly identified his criminal acts and charged him with multiple federal crimes. Let today’s charges be a reminder to cybercriminals everywhere ­– my office is devoted to combatting cybercrime and will spare no resources in bringing to justice those who use ransomware attacks to target victims.”

Have a correction or a news tip? Email sarah.salvadore@patch.com