The U.S. and Western partners have disrupted one of the world’s most prolific cybercrime gangs, the Department of Justice(DOJ) announced on Tuesday.
The Lockbit cybercrime group has targeted thousands of individuals across the globe with ransomware schemes, seizing over $120 million in ransom payments and demanding hundreds of millions more from victims, according to the DOJ. Working with the U.K. and a host of other nations, the DOJ and FBI seized Lockbit’s network and issued global arrest warrants for the criminals involved in the operation.
“Today, the FBI and our partners have successfully disrupted the LockBit criminal ecosystem, which represents one of the most prolific ransomware variants across the globe,” FBI Director Chris Wray said in a statement on Tuesday. “Through years of innovative investigative work, the FBI and our partners have significantly degraded the capabilities of those hackers responsible for launching crippling ransomware attacks against critical infrastructure and other public and private organizations around the world.”
The joint operation, labeled “Operation Cronos” involved the U.S. and ten other nations, according to Reuters. Working together across various agencies, Cronos gained access to Lockbit’s network infrastructure system and seized control of it, shutting the criminals out while also obtaining keys that could help decrypt data stolen from victims of the ransomware scheme, according to the DOJ.
“We have hacked the hackers,” National Crime Agency Director General Graeme Biggar said in a statement on Tuesday. “As of today, LockBit is locked out. We have damaged the capability and most notably, the credibility of a group that depended on secrecy and anonymity.”
Once the Cronos coalition seized control of Lockbit’s infrastructure, it replaced the cybercriminal’s website with a host of options for victims of the ransomware scheme to get help in getting their data back, according to Reuters. Two indictments were unsealed Tuesday against two Lockbit actors, who were also sanctioned by the Treasury Department; two other actors have already been arrested, according to the DOJ.
Lockbit is considered to be one of the most notorious and well-orchestrated cybercriminal groups in the world; in late 2023, the group published internal documents from Boeing, a major defense contractor. The group also claimed the U.S. branch of China’s ICBC was forced to pay ransom after having data stolen, according to Reuters.
“Our work does not stop here,” Biggar said on Tuesday. “LockBit may seek to rebuild their criminal enterprise. However, we know who they are, and how they operate. We are tenacious and we will not stop in our efforts to target this group and anyone associated with them.”
Jake Smith on February 20, 2024