Navigate

Law enforcement agencies from several countries seize servers of hacker group LockBit

Following the joint operation “Cronos”, law enforcement authorities from the United States, Europe, Australia, and Japan have successfully infiltrated some resources belonging to LockBit, a hacker collective known for developing ransomware with the same name.

The official LockBit website released a statement highlighting the participation of members from the National Crime Agency (NCA, UK), the US Federal Bureau of Investigation (FBI), Europol, as well as national law enforcement agencies from various countries including France, Japan, Switzerland, Canada, Australia, Sweden, the Netherlands, Finland, and Germany. The representatives from the NCA and the US Department of Justice (DOJ) stated that the operation is still ongoing and expanding. In the US alone, LockBit affected more than 1700 organisations across various industries such as finance, food provision for schools, transportation companies, and government agencies.

According to LockBit, despite the successful infiltration by law enforcement, their backup servers, which weren’t running PHP, were unaffected and are still operational. The hackers’ resources were exploited using the PHP vulnerability CVE-2023-3824.

The LockBit virus, which started circulating in hacker forums in 2020, was initially suspected to have Russian origins by cybersecurity specialists. However, the group insisted on their now-defunct darknet site that they are based in the Netherlands and are solely interested in monetary gains. Past victims of the LockBit virus include the British Royal Mail and Boeing, whose internal data was leaked online.

When affiliated hacker groups tried to access the virus control panel, they discovered a notice stating that government agents had obtained the source code, details of attack victims, ill-gotten funds, chat logs, and other valuable information. More details were promised to be revealed on the LockBit site on February 20, at 11:30 GMT (14:30 MSK).

Don Smith, Vice President of Secureworks, a subsidiary of Dell Technologies, reported that LockBit is the dominating ransomware operator, comprising 25% of the market. Its closest competitor, Blackcat, holds approximately 8.5% of the market share.

This post was last modified on 02/22/2024

LockBit
Harry Males: Hey there, I'm Harry Males, your go-to news writer at Dave's iPAQ, where I traverse the intricate landscape of technology, reporting on the latest developments that shape our digital world. With a pen in hand and a passion for all things tech, I dive deep into the realms of Software, AI, Cybersecurity, and Cryptocurrency to bring you the freshest insights and breaking news. Artificial Intelligence is not just a buzzword for me – it's a captivating realm where machines mimic human intelligence. From the wonders of machine learning to the ethical considerations of AI, I'm dedicated to keeping you informed about the advancements that are reshaping industries and everyday life. Beyond the bylines and breaking news, I believe in fostering a community of tech enthusiasts. Whether it's engaging in discussions on forums, attending tech conferences, or sharing insights on social media, I aim to connect with readers who share a passion for the ever-evolving world of technology.
Related Post
  1. Hackers Breach Fujitsu – Customer Data Potentially Stolen
  2. The GhostRace vulnerability allows data theft from any modern x86, Arm, and RISC-V processor.
  3. Vulnerability Found in Intel’s Most Advanced Processors – Patches May Reduce Performance by up to 10%
  4. AI Chatbots found vulnerable to ASCII graphics
  5. Vulnerabilities discovered in ChatGPT plugins that allowed hacking of accounts on third-party platforms