World

British police take control of notorious cybercrime gang Lockbit’s website

An infamous cybercrime gang that holds victims’ data to ransom has been disrupted by the National Crime Agency (NCA) and a coalition of international police agencies. 

A post on Lockbit’s extortion website on Monday said: “This site is now under the control of the National Crime Agency of the UK, working in close cooperation with the FBI and the international law enforcement task force, ‘Operation Cronos’.”

Europol and other international police organisations from France, Japan, Switzerland, Canada, Australia, Sweden, the Netherlands, Finland and Germany all aided in the rare law enforcement operation.

An NCA spokesperson confirmed that the agency had disrupted the gang and said the operation was “ongoing and developing”.

A representative for Lockbit posted messages on an encrypted messaging app saying it had backup servers not affected by the law enforcement action.

Lockbit is one of the most prolific and dominant ransomware operators in what is a highly competitive underground market.

The group and its affiliates have hacked some of the world’s largest organisations in recent months. The gang makes money by stealing sensitive data and threatening to leak it if victims fail to pay an extortionate ransom.

Its affiliates are like-minded criminal groups that are recruited to wage attacks using Lockbit’s digital extortion tools.

Lockbit was discovered in 2020 when its malicious software was found on Russian-language cybercrime forums, leading some security analysts to believe the gang is based in Russia.

It has not professed support for any government, however, and no government has formally attributed it to a nation-state.

Please use Chrome browser for a more accessible video player

From December: Russian cyber attacks: What we know

On its now-defunct dark website, the group said it was “located in the Netherlands, completely apolitical and only interested in money”.

US officials have described Lockbit as the world’s top ransomware threat. The group has hit more than 1,700 organisations in the US in nearly every industry from financial services and food to schools, transportation and government departments.

Read more:
FBI disrupts hacking network ‘linked to Russian intelligence’
Parents of US gun violence victims use AI to recreate their voices
Chinese hackers preparing to ‘wreak havoc’ on US, warns FBI chief

Royal Mail faced severe disruption after an attack by Lockbit in early 2023.

Before it was taken down, Lockbit’s website displayed an ever-growing gallery of victim organisations that was updated almost daily.

Next to their names were digital clocks that showed the number of days left to the deadline given to each organisation to provide ransom payment.

On Monday, the site displayed a similar countdown, but from the law enforcement agencies who wrote: “Return here for more information at 11:30 GMT on Tuesday 20th Feb.”

Articles You May Like

Qualcomm says it expects $4 billion in PC chip sales by 2029, as company gets traction beyond smartphones
Police release two people who were detained at Gatwick Airport during security incident
How tech bros bought ‘America’s most pro-crypto Congress ever’
Water companies blocked from using customer cash for ‘undeserved’ bonuses
Nadine Dorries reveals impact of being abused by Church of England vicar