The National Crime Agency (NCA), the Federal Bureau of Investigation (FBI), Europol, and law enforcement agencies worldwide worked together to shut down the operational network of LockBit, a well-known global ransomware group.
Historic Coalition Dismantles LockBit Ransomware Empire
The attack on LockBit’s “command and control” systems was a significant setback for the ransomware group behind high-profile hacks and crypt-extortion in recent years. Because the alliance worked together, LockBit’s website was taken over and proudly displayed a disclaimer stating it had been taken over.
LockBit, a company known for planning large-scale hacks, was responsible for hacking into well-known companies like Bangkok Airways, Accenture, and Canadian Government Services. Capital Health, which operated two big hospitals and many satellite and specialty clinics across the US, was the target of the syndicate in November.
Due to the international crackdown, many people were arrested, including key LockBit players in Poland and Ukraine. Two people in the United States who were considered allies are now facing additional charges. Two Russians linked to the group have also been named by the police, but they are still on the run.
The alliance was able to freeze over 200 cryptocurrency accounts linked to the ransomware network to stop LockBit from doing business. This move succeeded in cutting off cybercriminals’ access to funds, which prevents them from engaging in illicit activity.
The group took over LockBit’s ransomware countdown timer, which used to show when they would leak victim data. This was an interesting change to the plan. The NCA-led alliance used these timers for something else and planned when their information would be made public. This risky move, which could have led to the leader of the ransomware group being found out, was a symbolic response to the criminal gang’s actions.
Lockbit would publish stolen information on their blog
Now it’s the NCA’s turn https://t.co/Y4dNMufFQ4 pic.twitter.com/0388ThuvMA
— CertiK Alert (@CertiKAlert) February 20, 2024
The U.S. Department of Justice (DOJ) expanded its legal steps against LockBit by charging Artur Sungatov and Ivan Kondratyev, both Russian citizens. They are being charged with launching LockBit ransomware attacks on American targets.