December 11, 2024 at 02:31AM

■■■□□
[Case Analysis by CKure]

It’s been a little while since the arrest of Mikhail Pavlovich Matveev, a.k.a. Wazawaka, a Russian citizen and ransomware affiliate connected with Conti, REvil, Babuk, Hive, etc.

It is an exceptional case of a ransomware affiliate being arrested and sentenced in Russia. Many cybersecurity professionals believe it to be some sort of positive shift towards solving the problem of unreachable Russian hackers.

However, we believe this situation is unlikely to repeat ever again. Let’s dive deeper into it.

1. It is a broadly known fact that the Russian cyber underground has close links with Russian intelligence agencies. The political, economic and legal circumstances that have been developing and supporting this alliance over the last 2-3 decades are irreversible at this point in history. No one in the Russian government and secret services has an interest in destroying a stable decentralized “infrastructure” that regularly delivers valuable intelligence and damage to the infrastructure of Russia’s enemies.

2. Due to the specifics of the Russian Criminal Code, Matveev was only charged under article 273.1 of the Russian Criminal Code (https://www.consultant.ru/document/cons_doc_LAW_10699/a4d58c1af8677d94b4fc8987c71b131f10476a76/), although, circumstantially, Matveev could and should also have been charged under article 273.2 of the RCC and even article 272.1-3. The evidence for these charges is obvious and present.

3. It is typically believed that as long as Russian hackers don’t attack Russian infrastructure — they’re untouchable by the Russian authorities. Matveev never attacked Russian networks, so what’s the reason behind his arrest then?

Matveev was quite active on social media, mocking the U.S. government and never bothering to hide his real identity or his affiliations with ransomware operations.

He even gave interviews to multiple Western journalists, which is a big no-no in itself.
https://techcrunch.com/2023/09/18/fbi-most-wanted-hacker-trolling-the-u-s-government/
https://therecord.media/wazawaka-cyber-most-wanted-interview-click-here

We believe that, by arresting Matveev, Russian authorities silenced him and prevented him from potentially leaking sensitive information about the intricacies of the Russian cyber underworld. Secondly, they created a deceptive impression that they are starting to do something about those ransomware guys.

4. When REvil associates were arrested in Russia, they weren’t charged with hacking (272/273 RCC). They were only charged with money laundering and sentenced to as little jail time as possible.

It was done on purpose to impress the FBI & the U.S. Ministry of Justice and to relieve the tensions between Russia and the US, even for a short moment.

5. And the most important bit. Neither Matveev nor the arrested REvil affiliates were extradited to the United States. Which speaks volumes.

Thank you for reading this piece!
If you want to see more analytical articles from us in the future, feel free to stamp reactions on this post.

https://t.me/cKure/15009