A coalition of international law enforcement agencies, including the FBI and UK National Crime Agency, said they have disrupted LockBit, one of the most prolific hacker groups of all time, including shutting down websites the organisation used for ransomware payments.
A post on the gang’s website Monday said it’s “now under the control” of the UK agency, the FBI and other law enforcement agencies.
Law enforcement from 11 different countries took part in the operation, which seized 11,000 domains used by LockBit and its affiliates to facilitate ransomware, an FBI official said. The operation, which disrupted LockBit’s infrastructure and targeted its malware deployment system, took place in recent days, the official said.
LockBit specialises in using malicious software known as ransomware to encrypt files on its victims’ computers, then demanding payment to unlock the files. The operation recruits hackers to conduct the cyberattacks using LockBit’s tools and infrastructure. LockBit gets a cut of any ransom extorted in the hacks.
The group was responsible for last year’s attack on the US arm of Industrial & Commercial Bank of China Ltd, which disrupted the US$26bil (RM124.59bil) US Treasury market. It also took down a website that Boeing Co uses to sell spare aircraft parts, software and services.
LockBit first came to prominence in 2021, calling itself LockBit 1.0. In 2022, it became LockBit 2.0 and its latest iteration is LockBit Green. One of the group’s most recent victims was EquilLend. The trading platform, which processes trillions of dollars of transactions a month, said the incident on Jan 22 affected some automated securities lending services.
The hacking group has claimed 1,600 victims in the US and 2,000 internationally, according to the FBI. A good majority are within the private sector, and the FBI said it’s tracking 144 million ransoms paid in relation to LockBit attacks. – Bloomberg