The United States has extradited Rostislav Panev from Israel to face charges regarding his alleged involvement with the LockBit group.
Inside LockBit’s Operation
LockBit has been one of the most dangerous ransomware groups globally since 2019. The group has extorted an estimated $500 million in ransom payments and caused billions in operational losses. Investigators found that Panev had administrative access to a repository hosting LockBit’s ransomware builder tool, allowing affiliates to create customized versions of the malware. Panev’s computer also contained source code for StealBit, a data-exfiltration tool used by LockBit to extract sensitive information from targeted systems.
Arrest and Extradition
Panev was arrested in Haifa, Israel, in August 2024 after the United States requested his provisional arrest. Following months of legal proceedings, Panev was extradited to the U.S. and made his initial appearance in a New Jersey district court on March 15, 2025. He is the third alleged LockBit member to be detained in connection with the group’s activities. Russian-Canadian national Mikhail Vasiliev and Russian citizen Ruslan Magomedovich Astamirov remain in custody awaiting extradition and trial.
Global Cybersecurity Impact
Panev’s extradition underscores ongoing international cooperation to target ransomware groups operating globally. The U.S. Department of Justice emphasized that participants in the LockBit conspiracy will be found and held accountable. The extradition is a testament to the global law enforcement's focus on combating ransomware threats and protecting critical infrastructure from cyberattacks.
Rostislav Panev’s extradition to the US reflects the international legal system's commitment to tackling global cybercrime.
