International law enforcement, led by the UK's National Crime Agency, has disrupted the operations of the Lockbit ransomware gang. The group behind notable hacks against the aircraft manufacturer Boeingflea giant Taiwan semiconductor manufacturing company, Subway sandwich chain and thousands more have had his site taken offline on Monday while authorities arrested the main players in the gang. “This site is now under the control of law enforcement,” we can read on the site. According to the Vx-underground malware repositorylaw enforcement took down at least 22 Tor sites affiliated with Lockbit.
“Through our close collaboration, we hacked the hackers, took control of their infrastructure, seized their source code and obtained keys that will help victims decrypt their systems,” said Graeme Biggar, director general of National Crime. Agency. said in a statement. “As of today, LockBit is locked. We have damaged the capabilities and, more specifically, the credibility of a group that depended on secrecy and anonymity. »
Lockbit also admitted defeat. In a statement to Vx-underground, the group said: “The FBI stung me.” Operation Cronos, the name used by law enforcement for their efforts, also resulted in the seizure of source code and other useful data related to Lockbit's operations. At the same time, authorities in Poland, Ukraine and the United States have arrested key members of the ransomware operation. Sanctions are underway against two other Lockbit subsidiaries in Russia.
There is also more good news for Lockbit victims: the operation obtained Lockbit keys for create a decryption tool for victims to recover their data, according to US Attorney General Merrick Garland. Free decryptors can be found via the No More Ransom Project.
Since 2019, when Lockbit first came onto the scene, it has demanded more than $120 million in ransomware payments from victims, according to Acting Assistant AG Nicole Argentieri.