A coalition of international law enforcement agencies, including the FBI and the U.K.’s National Crime Agency, have successfully disrupted the operations of the notorious LockBit ransomware gang. This action has resulted in the compromise of LockBit’s primary platform and other critical infrastructure that enabled their criminal enterprise.
Key Takeaway
A coalition of international law enforcement agencies, including the FBI and the U.K.’s National Crime Agency, have successfully disrupted the operations of the notorious LockBit ransomware gang, resulting in the compromise of LockBit’s primary platform and other critical infrastructure that enabled their criminal enterprise.
LockBit’s Dark Web Leak Site Replaced by Law Enforcement Notice
The dark web leak site of LockBit, where the group publicly lists its victims and threatens to leak their stolen data unless a ransom demand is paid, was replaced with a law enforcement notice on Monday. This site is now under the control of the National Crime Agency of the U.K., working in close cooperation with the FBI and the international law enforcement task force, ‘Operation Cronos’.
International Collaboration and Seizures
Operation Chronos, a task force headed by the NCA and coordinated in Europe by Europol and Eurojust, involved other international police organizations from the United States, France, Japan, Switzerland, Canada, Australia, Sweden, the Netherlands, Finland, and Germany. The operation has led to the takedown of 34 servers in various countries and the seizure of over 200 cryptocurrency wallets.
Indictments and Arrests
The U.S. Justice Department unsealed indictments against two Russian nationals for their alleged involvement in LockBit attacks. Additionally, two alleged LockBit actors have been arrested in Poland and Ukraine at the request of the French judicial authorities.
Assistance to Ransomware Victims
As part of Operation Cronus, law enforcement agencies have obtained decryption keys from seized LockBit infrastructure to help victims of the ransomware gang regain access to their data.
Impact of LockBit Ransomware Gang
Since its emergence in late 2019, LockBit has become one of the world’s most prolific cybercrime gangs, with approximately 2,000 ransomware attacks against victim systems in the United States and worldwide, resulting in over $120 million in ransom payments. The group has claimed responsibility for hacking some of the world’s largest organizations, including aerospace giant Boeing, chipmaker TSMC, and U.K. postal giant Royal Mail.