Threat Intel Solutions

* [Cyberattacks -& Data Breaches](/cyberattacks-data-breaches)* [Threat Intelligence](/threat-intelligence)* [Cybersecurity Operations](/cybersecurity-operations)LockBit Ransomware Developer Arrested in Israel LockBit Ransomware Developer Arrested in Israel===============================================================================================Dual Russian-Israeli national Rostislav Panev was arrested last August and is facing extradition to the US for playing a critical role in LockBit’s RaaS activities, dating back to the ransomware gang’s origins.  [Becky Bracken, Senior Editor, Dark Reading](/author/becky-bracken)December 20, 2024 1 Min Read _Peter_Werner_Alamy.jpg?width=1280&auto=webp&quality=95&format=jpg&disable=upscale ‘Two men with hands up facing a wall like they are being arrested’) Source: Peter Werner via Alamy Stock Photo [](https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/cyberattacks-data-breaches/lockbit-ransomware-developer-arrested-israel)[](http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/cyberattacks-data-breaches/lockbit-ransomware-developer-arrested-israel)[](http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/cyberattacks-data-breaches/lockbit-ransomware-developer-arrested-israel)[](https://www.reddit.com/submit?url=https://www.darkreading.com/cyberattacks-data-breaches/lockbit-ransomware-developer-arrested-israel&title=LockBit%20Ransomware%20Developer%20Arrested%20in%20Israel)[](/cdn-cgi/l/email-protection#d0efa3a5b2bab5b3a4ed9cbfb3bb92b9a4f082b1bea3bfbda7b1a2b5f094b5a6b5bcbfa0b5a2f091a2a2b5a3a4b5b4f0b9bef099a3a2b1b5bcf6b1bda0ebb2bfb4a9ed99f5e2e0a4b8bfa5b7b8a4f5e2e0a4b8b5f5e2e0b6bfbcbcbfa7b9beb7f5e2e0b6a2bfbdf5e2e094b1a2bbf5e2e082b5b1b4b9beb7f5e2e0bdb9b7b8a4f5e2e0b9bea4b5a2b5a3a4f5e2e0a9bfa5fef5e094f5e091f5e094f5e091f5e2e09cbfb3bb92b9a4f5e2e082b1bea3bfbda7b1a2b5f5e2e094b5a6b5bcbfa0b5a2f5e2e091a2a2b5a3a4b5b4f5e2e0b9bef5e2e099a3a2b1b5bcf5e094f5e091b8a4a4a0a3f5e391f5e296f5e296a7a7a7feb4b1a2bba2b5b1b4b9beb7feb3bfbdf5e296b3a9b2b5a2b1a4a4b1b3bba3fdb4b1a4b1fdb2a2b5b1b3b8b5a3f5e296bcbfb3bbb2b9a4fda2b1bea3bfbda7b1a2b5fdb4b5a6b5bcbfa0b5a2fdb1a2a2b5a3a4b5b4fdb9a3a2b1b5bc) NEWS BRIEFA newly unsealed criminal complaint by US law enforcement shows they have been working to dismantle the LockBit ransomware-as-a-service group for several years, including a previously undisclosed arrest of one of the operation’s lead developers in Israel last August.Rostislav Panev, a 51-year-old with dual Russian-Israeli citizenship, is facing extradition to the US to face charges along with two others accused of similarly working for [LockBit](https://www.darkreading.com/threat-intelligence/lockbit-ransomware-takedown-strikes-brand-viability), not just to develop the ransomware itself but also tools used by affiliates. For his part, Panev is accused of working on [LockBit ransomware](https://www.darkreading.com/endpoint-security/lockbit-3-0-variant-generates-custom-self-propagating-malware) from its beginnings in 2019, eventually creating one of the most prolific ransomware operations in the world, according to the Justice Department’s statement about the arrest.Panev, according to the Justice Department, at the time of his arrest had admin credentials for LockBit’s Dark Web online repository with the ransomware’s source code, as well as the source code for an affiliate tool called ‘StealBit’ used to exfiltrate stolen data. His laptop also had he access credentials for the LockBit control panel used by affiliates. The Justice Department’s [statement](https://www.justice.gov/opa/pr/united-states-charges-dual-russian-and-israeli-national-developer-lockbit-ransomware-group) adds that Panev confessed to his role in the [LockBit ransomware](https://www.darkreading.com/threat-intelligence/lockbit-associates-arrested-evil-corp-bigwig-outed) operation.’The Justice Department’s work going after the world’s most dangerous ransomware schemes includes not only dismantling networks, but also finding and bringing to justice the individuals responsible for building and running them,’ Attorney General Merrick Garland said in a statement about the arrests. ‘Three of the individuals who we allege are responsible for LockBit’s cyberattacks against thousands of victims are now in custody, and we will continue to work alongside our partners to hold accountable all those who lead and enable ransomware attacks.’
Read more about:[News Briefs](/keyword/news-briefs) [](https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/cyberattacks-data-breaches/lockbit-ransomware-developer-arrested-israel)[](http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/cyberattacks-data-breaches/lockbit-ransomware-developer-arrested-israel)[](http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/cyberattacks-data-breaches/lockbit-ransomware-developer-arrested-israel)[](https://www.reddit.com/submit?url=https://www.darkreading.com/cyberattacks-data-breaches/lockbit-ransomware-developer-arrested-israel&title=LockBit%20Ransomware%20Developer%20Arrested%20in%20Israel)[](/cdn-cgi/l/email-protection#28175b5d4a424d4b5c1564474b436a415c087a49465b47455f495a4d086c4d5e4d4447584d5a08695a5a4d5b5c4d4c08414608615b5a494d440e494558134a474c5115610d1a185c40475d4f405c0d1a185c404d0d1a184e474444475f41464f0d1a184e5a47450d1a186c495a430d1a187a4d494c41464f0d1a1845414f405c0d1a1841465c4d5a4d5b5c0d1a1851475d060d186c0d18690d186c0d18690d1a1864474b436a415c0d1a187a49465b47455f495a4d0d1a186c4d5e4d4447584d5a0d1a18695a5a4d5b5c4d4c0d1a1841460d1a18615b5a494d440d186c0d1869405c5c585b0d1b690d1a6e0d1a6e5f5f5f064c495a435a4d494c41464f064b47450d1a6e4b514a4d5a495c5c494b435b054c495c49054a5a4d494b404d5b0d1a6e44474b434a415c055a49465b47455f495a4d054c4d5e4d4447584d5a05495a5a4d5b5c4d4c05415b5a494d44) About the Author—————- [Becky Bracken, Senior Editor, Dark Reading](/author/becky-bracken) Dark Reading Becky Bracken is a veteran multimedia journalist covering cybersecurity for Dark Reading. [See more from Becky Bracken, Senior Editor, Dark Reading](/author/becky-bracken) Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. [Subscribe](https://dr-resources.darkreading.com/free/w_defa3135/prgm.cgi)You May Also Like*** ** * ** ***More Insights Webinars* [Securing Your Cloud Data Across the Attack Timeline](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_rubr131&ch=SBX&cid=_upcoming_webinars_8.500001513&_mc=_upcoming_webinars_8.500001513)Jan 15, 2025* [The Artificial Future Trend Micro Security Predictions for 2025](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_tren86&ch=SBX&cid=_upcoming_webinars_8.500001514&_mc=_upcoming_webinars_8.500001514)Jan 16, 2025[More Webinars](/resources?types=Webinar) ### Editor’s Choice[Apache’s logo on a mobile phone screen ](/application-security/actively-exploited-bug-struts-2)[Application Security](/application-security) [Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2](/application-security/actively-exploited-bug-struts-2)[Orgs Scramble to Fix Actively Exploited Bug in Struts 2](/application-security/actively-exploited-bug-struts-2) by[Nate Nelson, Contributing Writer](/author/nate-nelson) Dec 19, 2024 5 Min Read [Cute bug on a leaf _KonstantinNechaev-Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale)](/vulnerabilities-threats/fortinet-addresses-unpatched-critical-rce-vector)[Vulnerabilities -& Threats](/vulnerabilities-threats) [Fortinet Addresses Unpatched Critical RCE Vector](/vulnerabilities-threats/fortinet-addresses-unpatched-critical-rce-vector)[Fortinet Addresses Unpatched Critical RCE Vector](/vulnerabilities-threats/fortinet-addresses-unpatched-critical-rce-vector) by[Tara Seals, Managing Editor, News, Dark Reading](/author/tara-seals) Dec 19, 2024 2 Min Read [Pipes in an industrial setting ](/vulnerabilities-threats/ot-ics-engineering-workstations-malware)[Vulnerabilities -& Threats](/vulnerabilities-threats) [OT/ICS Engineering Workstations Face Barrage of Fresh Malware](/vulnerabilities-threats/ot-ics-engineering-workstations-malware)[OT/ICS Engineering Workstations Face Fresh Malware Barrage](/vulnerabilities-threats/ot-ics-engineering-workstations-malware) by[Becky Bracken, Senior Editor, Dark Reading](/author/becky-bracken) Dec 19, 2024 1 Min Read Reports* [Managing Third-Party Risk Through Situational Awareness](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_cybo171&ch=&cid=_analytics_7.300006016&_mc=_analytics_7.300006016)Jul 31, 2024* [2024 InformationWeek US IT Salary Report](https://iw-resources.informationweek.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_ingg253&ch=sbx&cid=_analytics_7.300006014&_mc=_analytics_7.300006014)May 29, 2024[More Reports](/resources?types=Report) Webinars* [Securing Your Cloud Data Across the Attack Timeline](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_rubr131&ch=SBX&cid=_upcoming_webinars_8.500001513&_mc=_upcoming_webinars_8.500001513)Jan 15, 2025* [The Artificial Future Trend Micro Security Predictions for 2025](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_tren86&ch=SBX&cid=_upcoming_webinars_8.500001514&_mc=_upcoming_webinars_8.500001514)Jan 16, 2025[More Webinars](/resources?types=Webinar) White Papers* [Enhancing Cybersecurity: The Critical Role Of Software Security Training](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa7530&ch=SBX&cid=_whitepaper_14.500005851&_mc=_whitepaper_14.500005851)* [6 Key Requirements of Multicloud Security](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo246&ch=SBX&cid=_whitepaper_14.500005833&_mc=_whitepaper_14.500005833)* [The State of Cloud Native Security Report 2024](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo245&ch=SBX&cid=_whitepaper_14.500005832&_mc=_whitepaper_14.500005832)* [Purple AI Datasheet](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_senu27&ch=SBX&cid=_whitepaper_14.500005774&_mc=_whitepaper_14.500005774)* [Generative AI Gifts](https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_senu28&ch=SBX&cid=_whitepaper_14.500005773&_mc=_whitepaper_14.500005773)[More Whitepapers](/resources?types=Whitepaper)

Related Tags:
NAICS: 336 – Transportation Equipment Manufacturing

NAICS: 518 – Computing Infrastructure Providers

Data Processing

Web Hosting

Related Services

NAICS: 92 – Public Administration

NAICS: 33 – Manufacturing – Metal

Electronics And Other

NAICS: 51 – Information

Blog: Dark Reading

Software Discovery: Security Software Discovery

Software Discovery

Data Encrypted for Impact

Associated Indicators: