Tech News

Notorious Lockbit cybercrime gang dismantled by NCA, FBI and international coalition


An infamous cybercrime gang that held victims’ data for ransom has been taken down by the National Crime Agency (NCA) and a coalition of international police agencies.

A post on Monday on the Lockbit extortion website said: “This site is now under the control of the UK’s National Crime Agency, working in close cooperation with the FBI and the international task force responsible for law enforcement, “Operation Cronos”.

Europol and other international police organizations from France, Japan, Switzerland, Canada, Australia, Sweden, the Netherlands, Finland and Germany all contributed to this rare police operation.

An NCA spokesperson confirmed the agency had dismantled the gang and said the operation was “ongoing and developing”.

A Lockbit representative posted messages on an encrypted messaging app indicating that it had backup servers unaffected by the police measures.

Lockbit is one of the most prolific and dominant ransomware operators in a highly competitive underground market.

The group and its subsidiaries have hacked some of the world’s largest organizations in recent months. The gang makes money by stealing sensitive data and threatening to release it if victims do not pay an exorbitant ransom.

Its affiliates are like-minded criminal groups recruited to carry out attacks using Lockbit’s digital extortion tools.

Lockbit came to light in 2020 when its malware was discovered on Russian-language cybercrime forums, leading some security analysts to believe the gang is based in Russia.

However, it has not declared support for any government and no government has officially assigned it to a nation-state.

Please use Chrome browser for a more accessible video player

From December: Russian cyberattacks: what we know

On its now-defunct dark website, the group said it was “located in the Netherlands, completely apolitical and only interested in money.”

US officials have described Lockbit as the world’s leading ransomware threat. The group has reached more than 1,700 organizations across the United States in nearly every industry, from financial and food services to schools, transportation and government departments.

Learn more:
FBI disrupts hacking network ‘linked to Russian intelligence’
Parents of US gun violence victims use AI to recreate their voices
Chinese hackers prepare to ‘wreak havoc’ in US, FBI chief warns

Royal mail faced serious disruption after a Lockbit attack early 2023.

Before being taken down, Lockbit’s website displayed an ever-growing gallery of victim organizations, updated almost daily.

Next to their names were digital clocks that showed the number of days remaining until each organization was due to pay the ransom.

On Monday, the site posted a similar countdown, but from law enforcement who wrote: “Check back here for more information at 11:30 GMT on Tuesday February 20.”


Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button