Lockbit, the world's most notorious cybercrime gang that holds victims' data for ransom, has been brought down thanks to a rare international law enforcement action.
The front page of LockBit's dark web ransomware site displays the words “This site is currently under law enforcement control,” along with flags from the UK, US, and several other countries.
The FBI and international allies have seized a dark web extortion site that the world's most notorious ransomware gang used to extort money from its victims. (Photo: AP)
In fact, the new operation was led by the UK's National Crime Agency, the US Federal Bureau of Investigation, Europol and a coalition of other international police agencies from France, Japan, Switzerland, Canada, Australia, Sweden, the Netherlands, Finland and Germany.
A spokesperson for the US Department of Justice confirmed that the agencies had disrupted LockBit’s dark web extortion site, and said the operation was ongoing and would continue to grow. Experts say the ransomware group’s takeover of the dark web will force the cybercriminals to set up new computer infrastructure to extort money from victims.
A Lockbit representative posted a message on an encrypted messaging app saying the site had backup servers and was not affected by the latest law enforcement action.
In addition, US and UK authorities have also revealed a fuller picture of the latest LockBit crackdown, with the FBI developing software that could allow hundreds of victims around the world to decrypt computers locked by the group. Meanwhile, Europol, the EU’s law enforcement agency, said two LockBit agents had been arrested in Poland and Ukraine, at the request of French authorities, without naming the two.
Government and private investigators around the world will now be closely watching LockBit’s next moves. Well-resourced ransomware groups often rebuild their computer infrastructure after law enforcement has disrupted them, and often rebrand their hacking tools.
In the US, Lockbit has hit more than 1,700 organizations across nearly every industry, from financial services and food to schools, transportation and government agencies, and officials in the US have described Lockbit as the world's top ransomware threat.
Lockbit and its affiliates have reportedly attacked some of the world’s largest organizations in recent months. The gang makes money by stealing sensitive data and threatening to leak it unless victims pay a ransom. Its affiliates are like-minded criminal groups that Lockbit recruits to carry out attacks using its digital extortion tools.
Lockbit was discovered in 2020 when its eponymous malware was found on Russian-language cybercrime forums, leading some security analysts to believe the gang was based in Russia. However, the gang has not claimed to support any government and has no government behind it.
com/2024/02/19/politics/fbi-ransomware-lockbit-dark-web-site/index.html
Source
Comment (0)