FBI, other agencies disrupt ransomware syndicate behind attacks worldwide

The FBI and other agencies have disrupted a ransomware syndicate, known as LockBit, that was behind a series of global cyberattacks that extracted at least $120 million, according to the United Kingdom’s National Crime Agency (NCA).

“Today, after infiltrating the group’s network, the NCA has taken control of LockBit’s services, compromising their entire criminal enterprise,” according to an NCA press release, adding that the syndicate’s attacks have “targeted thousands of victims around the world, including in the UK, and caused losses of billions of pounds, dollars and euros, both in ransom payments and in the costs of recovery.” 

The law enforcement agencies also took two people into custody — one from Poland and the other from Ukraine, The Associated Press reported. The Justice Department unsealed indictments against two others, per the AP, which were both Russian nationals. 

The group provided ransomware to a global network of hackers and “affiliates” by supplying the tool and infrastructure needed to carry out such cyberattacks, according to the release.

“When a victim’s network was infected by LockBit’s malicious software, their data was stolen and their systems encrypted,” according to the release. “A ransom would be demanded in cryptocurrency for the victim to decrypt their files and prevent their data from being published.”

NCA Director General Graeme Biggar called the agency’s investigation with other international partners “a ground-breaking disruption of the world’s most harmful cyber crime group.”

“Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems,” Biggar said in the release. 

“As of today, LockBit are locked out,” he continued. “We have damaged the capability and most notably, the credibility of a group that depended on secrecy and anonymity.”

U.S. Attorney General Merrick Garland also said that law enforcement from the U.S. and the U.K. “are taking away the keys to their criminal operation.”

“And we are going a step further — we have also obtained keys from the seized LockBit infrastructure to help victims decrypt their captured systems and regain access to their data,” Garland said, according to the release. “LockBit is not the first ransomware variant the U.S. Justice Department and its international partners have dismantled. It will not be the last.”

The front page of LockBit’s site was replaced — hours before the announcement was made — with “this site is now under control of law enforcement,” alongside the flags of the U.K., the U.S. and other nations, AP reported.

The Associated Press contributed reporting.

Tags FBI LockBit Merrick Garland National Crime Agency United Kingdom

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts

Main Area Top ↴

THE HILL MORNING SHOW

More Technology News

See All
Main Area Bottom ↴

Testing Video

ASR RAW Boys Lacrosse: Coronado 8, Poway 6

ASR RAW Boys Lacrosse: Coronado 8, Poway 6
ASR RAW Girls Lacrosse: Coronado 15, Cathedral ...
Former Torrey Pines teammates take home another NCAA ...
Boys Lacrosse: Torrey Pines 11, Bishop's 9
More Videos

Most Popular

Load more