LockBit group sites seized by law enforcement agencies

Law enforcement agencies from 11 countries, including the UK’s National Crime Agency (NCA), the FBI, and Europol, collaborated in Operation Cronos to dismantle several websites associated with the LockBit ransomware group. The hackers themselves allege that the FBI exploited a PHP vulnerability to gain access to their systems.

A notice posted on the LockBit websites typically used for data leaks and communication with victims, indicates that these resources are now under the control of the NCA. While law enforcement has not yet disclosed specifics, they have confirmed to the media that they have seized the LockBit sites and will provide further details on the Cronos operation soon.

Researchers at Vx-Underground have reported that the group informed Tox that “the FBI took control of the PHP servers, while the non-PHP backup servers were left untouched.” This appears to exploit the vulnerability CVE-2023-3824.

Furthermore, it’s been stated that the police have deactivated the LockBit “partner” panel and left a message indicating that the LockBit source code, chats, and information about victims are now in law enforcement’s possession.

LockBit group sites seized by law enforcement agencies

“Law enforcement agencies have successfully seized control of the LockBit platform, acquiring access to all its stored information, including details about the LockBit group and its partners. In a message addressed to Lockbitsupp, a representative of the LockBit group, the UK National Crime Agency (NCA) revealed, “We have access to the source code, information about the victims you’ve targeted, the ransom amounts demanded, stolen data, chat records, and much more.” This development underscores the vulnerabilities in LockBit’s infrastructure. The NCA, along with the FBI, Europol, and the Operation Cronos Task Force, hinted at potential future communication: “Perhaps we will contact you very soon.” This marks a significant step in the ongoing efforts to combat cybercrime.”

LockBit emerged in 2019 and has since become one of the most active ransomware groups. Recorded Future specialists have linked LockBit to approximately 2,300 attacks, while law enforcement officials estimate that the group has extorted over $91 million from American companies alone.

LockBit group sites seized by law enforcement agencies

Notable victims of LockBit include Continental, a tire and component company; Boeing Corporation; Subway, a fast food chain; Bank of America, a supplier; the Italian Tax Service; and others.

0 / 5

Your page rank:


Subscribe: YouTube page opens in new windowLinkedin page opens in new windowTelegram page opens in new window

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment