How A Hacker Group Was Taken Down By An International Operation

9 months ago 10
ARTICLE AD BOX

In a significant blow to cybercrime, law enforcement agencies from the UK, US, and several other countries have seized the online site of LockBit, a notorious ransomware gang. LockBit is known for offering tools and services to criminals, enabling them to launch ransomware attacks and extort money from victims by encrypting their data.

On Monday evening, a message appeared on the LockBit website stating it was "now under the control of law enforcement." The message further confirmed collaboration between the UK's National Crime Agency (NCA), the FBI, and "Operation Cronos," an international law enforcement task force.

"This is an ongoing and developing operation," the message declared, inviting further updates.

Latest and Breaking News on NDTV

The seizure of LockBit's website represents a major development in the fight against ransomware, as it disrupts the gang's ability to communicate with its members and recruit new attackers. While the full extent of the operation remains unclear, it indicates a coordinated international effort to dismantle ransomware infrastructure and bring perpetrators to justice.

An NCA spokesperson and a US Department of Justice spokesperson confirmed that the agencies had disrupted the gang and said the operation was "ongoing and developing".
Officials in the United States, where Lockbit has hit more than 1,700 organisations in nearly every industry, from financial services and food to schools, transportation, and government departments, have described the group as the world's top ransomware threat.

A representative for Lockbit did not respond to messages from Reuters seeking comment but did post messages on an encrypted messaging app saying it had backup servers not affected by the law enforcement action. The FBI did not immediately respond to requests for comment.

The post named other international police organisations from France, Japan, Switzerland, Canada, Australia, Sweden, the Netherlands, Finland, and Germany.

Lockbit and its affiliates have hacked some of the world's largest organisations in recent months. The gang makes money by stealing sensitive data and threatening to leak it if victims fail to pay an extortionate ransom. Its affiliates are like-minded criminal groups that Lockbit recruits to wage attacks using its digital extortion tools.

Ransomware is malicious software that encrypts data. Lockbit makes money by coercing its targets into paying a ransom to decrypt or unlock that data with a digital key.

Lockbit was discovered in 2020, according to Reuters, when its eponymous malicious software was found on Russian-language cybercrime forums, leading some security analysts to believe the gang is based in Russia.

The gang has not professed support for any government, however, and no government has formally attributed it to a nation-state. On its now-defunct darkweb site, the group said it was "located in the Netherlands, completely apolitical, and only interested in money."

(With inputs from Reuters)

Read Entire Article