International Law Enforcement Disrupts Lockbit Ransomware Gang’s Operations
2 min readThe Lockbit ransomware gang, notorious for its cyberattacks against major corporations and organizations, has suffered a significant blow as international law enforcement agencies took down its infrastructure and arrested key members of the group. The takedown, named Operation Cronos, was led by the UK’s National Crime Agency and resulted in the seizure of the group’s source code and other valuable data.
The Lockbit gang, which had been in operation since 2019, had amassed a fortune of over $120 million through ransomware payments from its victims. Some of the high-profile companies that fell prey to Lockbit’s attacks include Boeing, Taiwan Semiconductor Manufacturing Company, and Subway.
The takedown of Lockbit began on Monday when law enforcement agencies took control of the group’s website, displaying a message that read, “This site is now under the control of law enforcement.” At least 22 Lockbit-affiliated Tor sites were taken down, according to malware repository Vx-underground.
In a statement, National Crime Agency Director General, Graeme Biggar, announced the successful operation, stating, “Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems.”
Lockbit, in response to the takedown, admitted defeat and posted a message on Vx-underground, “FBI pwned me.” The group’s source code and other operational data were seized during the operation, providing valuable insights into the inner workings of the ransomware gang.
The arrests made during Operation Cronos were not limited to the UK. Authorities in Poland, Ukraine, and the US also arrested key members of the Lockbit operation. There are currently sanctions out for two more Lockbit affiliates in Russia.
The good news for Lockbit victims does not end there. The operation obtained keys from Lockbit to create a decryption tool for victims to retrieve their data. The free decryptors can be found via the No More Ransom project.
The takedown of Lockbit marks a significant victory for international law enforcement agencies in their ongoing efforts to combat cybercrime. It serves as a reminder that collaboration and cooperation between agencies can lead to successful outcomes in the fight against cybercriminals.
In conclusion, the Lockbit ransomware gang, which had been causing havoc for over four years, has been dismantled by international law enforcement agencies. The seizure of the group’s source code and other operational data, along with the arrests of key members, has dealt a significant blow to the group’s capabilities and credibility. The creation of a decryption tool for victims to retrieve their data is a welcome development for those affected by Lockbit’s attacks. The successful operation, named Operation Cronos, is a testament to the power of collaboration and cooperation between law enforcement agencies in the fight against cybercrime.