MIL Security Engine-1

Source: US FBI

NEWARK, N.J. – A dual Russian and Israeli national was extradited to the United States on charges that he was a developer of the LockBit ransomware group, United States Attorney John Giordano announced.

In August, Rostislav Panev, 51, was arrested in Israel pursuant to a U.S. provisional arrest request.  Today, Panev was extradited to the United States and had an initial appearance before U.S. Magistrate Judge André M. Espinosa where Panev was detained pending trial.

“Rostislav Panev’s extradition to the District of New Jersey makes it clear: if you are a member of the LockBit ransomware conspiracy, the United States will find you and bring you to justice,” said United States Attorney John Giordano. “Even as the means and methods of cybercriminals become more sophisticated, my Office and our FBI, Criminal Division, and international law enforcement partners are more committed than ever to prosecuting these criminals.”

“No one is safe from ransomware attacks, from individuals to institutions. Along with our international partners, the FBI continues to leave no stone unturned when it comes to following LockBit’s trail of destruction. We will continue to work tirelessly to prevent actors, such as Panev, from hacking their way to financial gain,” said Acting Special Agent in Charge of the FBI Newark Division Terence G. Reilly.

According to the superseding complaint, documents filed in this and related cases, and statements made in court, Panev acted as a developer of the LockBit ransomware group from its inception in or around 2019 through at least February 2024. During that time, Panev and his LockBit coconspirators grew LockBit into what was, at times, the most active and destructive ransomware group in the world. The LockBit group attacked more than 2,500 victims in at least 120 countries around the world, including 1,800 in the United States. Their victims ranged from individuals and small businesses to multinational corporations, including hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies. LockBit’s members extracted at least $500 million in ransom payments from their victims and caused billions of dollars in other losses, including lost revenue and costs from incident response and recovery.

LockBit’s members were comprised of “developers,” like Panev, who designed the LockBit malware code and maintained the infrastructure on which LockBit operated. LockBit’s other members, called “affiliates,” carried out LockBit attacks and extorted ransom payments from LockBit victims. LockBit’s developers and affiliates would then split the ransom payments which were extorted from victims.

As alleged in the superseding complaint, at the time of Panev’s arrest in Israel in August, law enforcement discovered on Panev’s computer administrator credentials for an online repository that was hosted on the dark web and stored source code for multiple versions of the LockBit builder, which allowed LockBit’s affiliates to generate custom builds of the LockBit ransomware malware for particular victims. On that repository, law enforcement also discovered source code for LockBit’s StealBit tool, which helped LockBit affiliates exfiltrate data stolen through LockBit attacks. Law enforcement also discovered access credentials for the LockBit control panel, an online dashboard maintained by LockBit developers for LockBit’s affiliates and hosted by those developers on the dark web.

The superseding complaint also alleges that Panev exchanged direct messages through a cybercriminal forum with LockBit’s primary administrator, who, in an indictment unsealed in the District of New Jersey in May, the United States alleged to be Dimitry Yuryevich Khoroshev (Дмитрий Юрьевич Хорошев), also known as LockBitSupp, LockBit, and putinkrab. In those messages, Panev and the LockBit primary administrator discussed work that needed to be done on the LockBit builder and control panel.

Court documents further indicate that, between June 2022 and February 2024, the primary LockBit administrator made a series of transfers of cryptocurrency, laundered through one or more illicit cryptocurrency mixing services, of approximately $10,000 per month to a cryptocurrency wallet owned by Panev. Those transfers amounted to over $230,000 during that period.

In interviews with Israeli authorities following his arrest in August, Panev admitted to having performed coding, development, and consulting work for the LockBit group and to having received regular payments in cryptocurrency for that work, consistent with the transfers identified by U.S. authorities. Among the work that Panev admitted to having completed for the LockBit group was the development of code to disable antivirus software; to deploy malware to multiple computers connected to a victim network; and to print the LockBit ransom note to all printers connected to a victim network. Panev also admitted to having written and maintained LockBit malware code and to having provided technical guidance to the LockBit group.

The LockBit Investigation

The superseding complaint against, and apprehension of, Panev follows a disruption of LockBit ransomware in February 2024 by the U.K. National Crime Agency (NCA)’s Cyber Division, which worked in cooperation with the Justice Department, FBI, and other international law enforcement partners. As previously announced by the Department, authorities disrupted LockBit by seizing numerous public-facing websites used by LockBit to connect to the organization’s infrastructure and by seizing control of servers used by LockBit administrators, thereby disrupting the ability of LockBit actors to attack and encrypt networks and extort victims by threatening to publish stolen data. That disruption succeeded in greatly diminishing LockBit’s reputation and its ability to attack further victims, as alleged by documents filed in this case.

The superseding complaint against Panev also follows charges brought in the District of New Jersey against other LockBit members, including its alleged primary creator, developer, and administrator, Dmitry Yuryevich Khoroshev. An indictment against Khoroshev unsealed in May alleges that Khoroshev began developing LockBit as early as September 2019, continued acting as the group’s administrator through 2024, a role in which Khoroshev recruited new affiliate members, spoke for the group publicly under the alias “LockBitSupp,” and developed and maintained the infrastructure used by affiliates to deploy LockBit attacks. Khoroshev is currently the subject of a reward of up to $10 million through the U.S. Department of State’s Transnational Organized Crime (TOC) Rewards Program, with information accepted through the FBI tip website at www.tips.fbi.gov/.

A total of seven LockBit members have now been charged in the District of New Jersey. Beyond Panev and Khoroshev, other previously charged LockBit defendants include:

• In July, two LockBit affiliate members, Mikhail Vasiliev, also known as Ghostrider, Free, Digitalocean90, Digitalocean99, Digitalwaters99, and Newwave110, and Ruslan Astamirov, also known as BETTERPAY, offtitan, and Eastfarmer, pleaded guilty in the District of New Jersey for their participation in the LockBit ransomware group and admitted deploying multiple LockBit attacks against U.S. and foreign victims. Vasiliev and Astamirov are presently in custody awaiting sentencing.
• In February 2024, in parallel with the disruption operation described above, an indictment was unsealed in the District of New Jersey charging Russian nationals Artur Sungatov and Ivan Kondratyev, also known as Bassterlord, with deploying LockBit against numerous victims throughout the United States, including businesses nationwide in the manufacturing and other industries, as well as victims around the world in the semiconductor and other industries. Sungatov and Kondratyev remain at large.
• In May 2023, two indictments were unsealed in Washington, D.C., and the District of New Jersey charging Mikhail Matveev, also known as Wazawaka, m1x, Boriselcin, and Uhodiransomwar, with using different ransomware variants, including LockBit, to attack numerous victims throughout the United States, including the Washington, D.C., Metropolitan Police Department. Matveev remains at large and is currently the subject of a reward of up to $10 million through the U.S. Department of State’s TOC Rewards Program, with information accepted through the FBI tip website at www.tips.fbi.gov/.

The U.S. Department of State’s Transnational Organized Crime (TOC) Rewards Program is offering rewards of:

Information is accepted through the FBI tip website at tips.fbi.gov.

Khoroshev, Matveev, Sungatov, and Kondratyev have also been designated for sanctions by the Department of the Treasury’s Office of Foreign Assets Control for their roles in launching cyberattacks.

Victim Assistance

LockBit victims are encouraged to contact the FBI and submit information at www.ic3.gov. As announced by the Department in February, law enforcement, through its disruption efforts, has developed decryption capabilities that may enable hundreds of victims around the world to restore systems encrypted using the LockBit ransomware variant. Submitting information at the IC3 site will enable law enforcement to determine whether affected systems can be successfully decrypted.

LockBit victims are also encouraged to visit www.justice.gov/usao-nj/lockbit for case updates and information regarding their rights under U.S. law, including the right to submit victim impact statements and request restitution, in the criminal litigation against Panev, Astamirov, and Vasiliev.

The FBI Newark Field Office, under the supervision of Acting Special Agent in Charge Terence G. Reilly, is investigating the LockBit ransomware variant. Israel’s Office of the State Attorney, Department of International Affairs, and Israel National Police; France’s Gendarmerie Nationale Cyberspace Command, Paris Prosecution Office — Cyber Division, and judicial authorities at the Tribunal Judiciare of Paris; Europol; Eurojust; the United Kingdom’s National Crime Agency; Germany’s Landeskriminalamt Schleswig-Holstein, Bundeskriminalamt, and the Central Cybercrime Department North Rhine-Westphalia; Switzerland’s Federal Office of Justice, Public Prosecutor’s Office of the Canton of Zurich, and Zurich Cantonal Police; Spain’s Policia Nacional and Guardia Civil; authorities in Japan; Australian Federal Police; Sweden’s Polismyndighetens; Canada’s Royal Canadian Mounted Police; Politie Dienst Regionale Recherche Oost-Brabant of the Netherlands; and Finland’s National Bureau of Investigation have provided significant assistance and coordination in these matters and in the LockBit investigation generally.

Assistant U.S. Attorneys Andrew M. Trombly, David E. Malagold, and Vinay Limbachia for the District of New Jersey and Trial Attorneys Debra Ireland and Jorge Gonzalez of the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) are prosecuting the charges against Panev and the other previously charged LockBit defendants in the District of New Jersey.

The Justice Department’s former Cybercrime Liaison Prosecutor to Eurojust, Office of International Affairs, and National Security Division also provided significant assistance.

Additional details on protecting networks against LockBit ransomware are available at StopRansomware.gov. These include Cybersecurity and Infrastructure Security Agency Advisories AA23-325A, AA23-165A, and AA23-075A. 

The charges and allegations contained in the superseding complaint and above-named Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

###

Defense counsel: Frank Arleo, Esq.

Source: US FBI

NEWARK, N.J.  A Florida man was convicted by a federal jury for his role in a durable medical equipment (DME) kickback scheme that caused millions of dollars in losses to Medicare and other insurance providers, United States Attorney John Giordano announced.

Following a month-long jury trial before U.S. District Judge Michael E. Farbiarz, Raheel Naviwala, 36, of Coral Springs, Florida, was convicted on Feb. 28, 2025, of conspiracy to commit health care fraud and wire fraud, one count of health care fraud, conspiracy to violate the Anti-Kickback Statute, and three counts of violating the Anti-Kickback Statute. He was also acquitted of two counts of health care fraud.

“This Office is committed to prosecuting those like the defendant who seek to profit by defrauding and corrupting our nation’s medical systems,” United States Attorney John Giordano said. “When people siphon millions from Medicare to line their own pockets, regular citizens pay the price. This case demonstrates that serious consequences will follow for such conduct.”

“The scheme Naviwala and his co-conspirators created to steal money from the government was complex and expansive,” FBI Acting Special Agent in Charge Terence G. Reilly said. “However, FBI Newark and our law enforcement partners have the expertise and grit to dig through mountains of data and find the fraudsters. We want this case to serve as a warning to anyone hoping to capitalize on hiding under the red tape – we are still here, and you will eventually get caught.”

“The defendant convicted in this case prioritized greed over the provision of appropriate health care services to patients, bilking the federal government for medically unnecessary durable medical equipment,” stated Special Agent in Charge Naomi Gruchacz with the U.S. Department of Health and Human Services Office of Inspector General (HHS-OIG). “HHS-OIG will continue to work with our law enforcement partners to ensure the integrity of the federal health care system and hold accountable owners and providers engaging in fraud that targets its programs.”

“Investigating corrupt schemes that undermine the integrity of TRICARE, the healthcare system for military members and their families, is a top priority for the Department of Defense Office of Inspector General’s Defense Criminal Investigative Service (DCIS),” stated Special Agent in Charge Patrick J. Hegarty, DCIS Northeast Field Office. “Mr. Naviwala’s illegal schemes put the TRICARE program and its beneficiaries at risk. We are committed to working with our partner agencies and the Department of Justice to pursue those individuals who selfishly place personal gain over the safety and care of TRICARE beneficiaries.”

“Schemes such as these compromise the integrity of VA’s programs and services and divert funds from our nation’s deserving veterans,” said Special Agent in Charge Christopher F. Algieri with the Department of Veterans Affairs Office of Inspector General’s Northeast Field Office. “The VA OIG will continue to work with our law enforcement partners to root out fraudsters and hold them accountable.”

According to the evidence at trial:

Naviwala and his coconspirators purchased lists of Medicare patients’ names, addresses, and phone numbers, and hired telemarketers to convince the patients to get DME (orthotic braces). These telemarketers pre-filled prescriptions and picked the highest-paying braces to bill to insurers. Naviwala then paid telemedicine doctors to sign the pre-filled prescriptions for braces, regardless of whether the patients needed or wanted braces. Generally, the telemedicine doctor did not even speak to the patients before signing the pre-filled prescriptions.

Naviwala then sold the signed prescriptions to DME supply companies that could bill Medicare, TRICARE, and other insurers for the braces. To conceal the fraud, Naviwala and his coconspirators signed sham contracts and used sham invoices that falsely represented that Naviwala was billing DME supply companies for marketing or consulting.

Naviwala also owned and operated a DME supply company that was used to bill Medicare, and which submitted claims to Medicare for up to nine braces for a single patient.

To further conceal his illegal conduct, Naviwala put multiple of his businesses in the names of nominee owners. The nominee owners generally performed no legitimate work for any company and were paid to hide Naviwala’s involvement.

Medicare and other insurers paid hundreds of millions of dollars to members of the conspiracy and paid at least approximately $100 million for DME associated with Naviwala’s companies. Naviwala personally pocketed more than $10 million in fraud proceeds.

Conspiracy to commit health care fraud and wire fraud is punishable by a maximum potential penalty of 20 years in prison. Health care fraud is punishable by a maximum potential penalty of 10 years in prison. Conspiracy to violate the federal Anti-Kickback Statute is punishable by a maximum potential penalty of five years in prison. Each count of illegal kickbacks is punishable by a maximum potential penalty of 10 years in prison. Each count is also punishable by a fine. Sentencing is scheduled for 10 a.m. on July 29, 2025, before Judge Farbiarz in Newark.

United States Attorney John Giordano credited special agents of the FBI, under the direction of Acting Special Agent in Charge Terence G. Reilly in Newark; HHS-OIG, under the direction of Special Agent in Charge Naomi Gruchacz; DCIS, under the direction of Special Agent in Charge Patrick J. Hegarty; and the U.S. Department of Veterans Affairs Office of Inspector General, under the direction of Special Agent in Charge Christopher F. Algieri with the investigation leading to the conviction.

The government is represented by Assistant U.S. Attorneys Elaine K. Lou, Deputy Chief of the Criminal Division, Matthew Specht of the Special Prosecutions Division, and Aaron L. Webman of the Economic Crimes Unit in Newark.

                                                           ###

Defense counsel:

Jamie Hoxie Solano, Esq. New York, New York

Amy C. Brown, Esq. New York, New York

Bryan W. McCracken, Esq. New York, New York

Ifedapo Benjamin, Esq. New York, New York

Source: US FBI

FBI Newark, Pennsylvania State Police Fugitive Unit, Stroud Regional Police Department, and the U.S. Marshals Service are asking for the public’s help finding Ricky ‘Angel’ Vargas (36), who was charged in federal court with unlawful flight to avoid prosecution after being indicted in Bergen County on first degree murder charges. FBI Newark is offering a reward of up to $15,000 for information leading to his arrest.

Detectives with the Bergen County Prosecutor’s Office say Vargas stabbed a man on February 4, 2024, at the JoJo’s Bar and Grill in Garfield, NJ. They say Vargas, a member of the Latin Kings gang, stabbed Richard Franceschi, who later died from his injuries.

Vargas’ last known residence was in East Stroudsburg, Pennsylvania. He also has connections to Chicago, Illinois, and Winter Park, Florida. He does not have a valid driver’s license and is known to use ride share apps and mass transit to get around. He is around 5’5, 200lbs, with numerous tattoos on his arms and hands. He typically has facial hair and wears glasses. 

Vargas is considered armed and dangerous. Anyone with information regarding his whereabouts is asked to call the FBI at 1-800-CALL-FBI, the FBI Newark Field Office at 973-792-3000, or submit a tip online at tips.fbi.gov. They could receive a reward of up to $15,000 for information leading to his arrest.

Source: US FBI

Kyse S. Abushanab, 27, of Budd Lake, New Jersey, pleaded guilty today to a one-count information charging him with concealing material support and resources to a designated foreign terrorist organization.

According to court documents, between in or around March 2021 and in or around January 2022, Abushanab compiled resources, including information pertaining to the manufacture and use of weapons of mass destruction, with the aim of providing members of the Islamic State of Iraq and Syria (ISIS or the Islamic State), a designated foreign terrorist organization, and its supporters with a repository of information and resources to help carry out ISIS’s mission. This material included, among other things, videos and documents showing step-by-step instructions on how to make suicide belts or vests, detonators and timers, improvised bombs, and other explosives and incendiary devices. In an effort to evade detection by law enforcement, Abushanab took steps to conceal his efforts to assist ISIS by, among other things, using encrypted applications, untraceable email accounts, and a secured cloud storage space to gather and store information on how to make a variety of weapons of mass destruction.

The charge of concealment of provision of material support carries a maximum penalty of 10 years in prison and a fine of up to $250,000. Sentencing is scheduled for Sept. 24.

Sue Bai, head of the Justice Department’s National Security Division; Acting U.S. Attorney Vikas Khanna for the District of New Jersey; Assistant Director David J. Scott of the FBI’s Counterterrorism Division; and Acting Special Agent in Charge Terence G. Reilly of the FBI Newark Field Office made the announcement.

The FBI is investigating the case, with valuable assistance provided by the Morris County Sheriff’s Office.

Assistant U.S. Attorney Sammi Malek for the District of New Jersey and Trial Attorney Ryan White of the National Security Division’s Counterterrorism Section are prosecuting the case.

Source: US FBI

NEWARK, N.J. – An Essex County man was charged today with (i) being a felon in possession of a firearm, (ii) possession with intent to distribute fentanyl, heroin, and methamphetamine, and (iii) possessing a firearm in furtherance of a drug trafficking crime, Acting U.S. Attorney Vikas Khanna announced.

Michael Weaver, 38, of Irvington, New Jersey was charged today by superseding indictment with the above-referenced charges, and his arraignment will be scheduled before U.S. District Judge Claire C. Cecchi in Newark federal court.

As a result of Weaver’s significant and violent criminal history, which includes numerous convictions in Essex County for robbery, aggravated assault, unlawful weapons possession, and drug trafficking, he was charged under the Armed Career Criminal Act.  That charge carries a mandatory minimum penalty of 15 years in prison.  In total, as a result of all the charges in the Superseding Indictment, Weaver faces a total mandatory minimum sentence of 20 years in prison and a maximum sentence of imprisonment of life in prison.  Each offense carries a maximum fine of $250,000.  

Acting U.S. Attorney Khanna credited special agents of the Federal Bureau of Investigation, under the direction of Acting Special Agent in Charge Terence G. Reilly, the Essex County Prosecutor’s Office, under the direction of Prosecutor Theodore N. Stephens II and Chief Mitchell G. McGuire, and the Newark Police Department, under the direction of Director Emanuel Miranda, with the investigation.

The government is represented by Assistant U.S. Attorney Joseph Stern of the Opioid Abuse Prevention and Enforcement Unit in Newark.

The charges and allegations contained in the Superseding Indictment are merely accusations, and the defendant is presumed innocent unless and until proven guilty.
 

Source: US FBI

RENO – A Reno man was sentenced Monday by United States District Judge Anne R. Traum to five years in prison to be followed by three years of supervised release for assaulting three teenagers, leaving one seriously injured, on the Reno-Sparks Indian Colony reservation.

According to court documents, on September 2, 2023, Roy Ramirez, 25, pistol-whipped a teenager in the face, pistol-whipped a second teenager in the head, and pointed the firearm at a third teenager. The second teenager was a 13-year-old child who suffered multiple life-threatening injuries. Ramirez was on state parole at the time of the assault.

Ramirez pleaded guilty to one count of Assault with a Dangerous Weapon Within Indian Country and one count of Assault Resulting in Serious Bodily Injury Within Indian Country.

United States Attorney Jason M. Frierson for the District of Nevada and Special Agent in Charge Spencer L. Evans for the FBI made the announcement.

The FBI, Nevada Parole and Probation, and the Reno-Sparks Indian Colony Tribal Police investigated the case. Assistant United States Attorney Penelope Brady prosecuted the case.

###

 

Source: US FBI

In keeping with our standard Election Day protocol, FBI Las Vegas has stood up an Election Command Post in preparation for the election on November 5. The command post is staffed 24 hours a day to provide a centralized location for assessing election-related threats in our area of responsibility. The FBI has a duty to plan for a host of potential scenarios related to election fraud, voter suppression, foreign malign influence, malicious cyber activity against election infrastructure, and threats to election workers. We are committed to protecting the American public’s right to a fair and safe election.

For decades, the FBI has served as the primary agency responsible for investigating allegations of federal election crimes, including campaign finance violations, ballot/voter fraud, and civil rights violations. In close partnership with the Department of Justice (DOJ), the FBI established the Election Threats Task Force to identify and address reported threats targeting election workers.

The FBI takes our responsibility very seriously and works closely with our federal, state, and local partners to identify and stop any potential threats to public safety. We gather and analyze intelligence to determine whether individuals might be motivated to take violent action for any reason, including due to concerns about the election.

It is vital the FBI, our law enforcement partners, and the public work together to protect our communities as Americans exercise their right to vote. We encourage the public to remain vigilant and immediately report any suspicious activity to law enforcement. The FBI takes all threats of violence seriously, including threats targeting those who do the critical work of administering free and fair elections throughout the U.S.

The Justice Department has long recognized that the states—not the federal government—are responsible for administering elections, determining the validity of votes, and tabulating the results, with challenges handled by the appropriate election administrators, officials, legislatures, and courts. The Department’s role is limited to investigating and prosecuting violations of federal election laws and deterring criminal conduct.

FBI Las Vegas encourages citizens to report allegations of election fraud and other election abuses. You can reach the FBI at tips.fbi.gov or 1-800-CALL-FBI (1-800-225-5324).