Chalk one up for the good guys:
Global law enforcement agencies said Tuesday that they have significantly infiltrated the operations of LockBit, one of the world’s most prolific criminal ransomware gangs, in an international operation that aimed to disrupt the group’s repeated attacks.
According to a statement issued Tuesday, an international task force led by Britain’s National Crime Agency, representing 11 different countries’ law enforcement agencies including the FBI, was behind the investigation into LockBit. “After infiltrating the group’s network, the NCA has taken control of LockBit’s services, compromising their entire criminal enterprise,” the British agency said.
Of course, there's a distinct Russian odor:
The malicious ransomware variant has been deployed by criminal hackers to extort tens of millions of dollars from victims around the world — ranging from global banks to local schools. It is widely believed to be operated from Russia.
As part of the joint operation, two people were arrested Tuesday morning in Poland and Ukraine, and over 200 cryptocurrency accounts were frozen, according to the NCA’s statement. In the United States, the Department of Justice said it has criminally charged two Russian nationals with using LockBit to carry out ransomware attacks, both of whom are in U.S. custody.
In a statement, NCA Director General Graeme Biggar described LockBit as the “most harmful cyber crime group” in the world. “Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems. As of today, LockBit are locked out.”...
Ir would be utterly naive for anyone to believe that these cyber criminals operating out of Russia are doing so without the knowledge and involvement of the Russian state and its chief criminal/ thug Putin. Russians are prolific cyber criminals, both in collecting national security information and in hacking systems for ransomware.
Cyber criminals will continue to operate as long as there are networks and computers and people with no conscience. But any time one of their operations is disrupted, it's cause for celebration, particularly for anyone who's been the victim of a ransomware attack.
(Image: take down notice on LockBit's dark web site / via Reuters)