LockBit Claims It Hacked The US Federal Reserve
The LockBit cybercrime gang has claimed to have stolen an enormous database of 33 terabytes of confidential banking data from the US Federal Reserve, which includes sensitive banking information about American citizens.
Although these claims sound far-fetched, the ransomware gang has warned the US government of a deadline, after which the allegedly stolen data could be leaked to the public.
If confirmed, the Federal Reserve breach would be one of the biggest banking hacks in US history. Being the central banking system of the country, the Federal Reserve operates 12 banking districts in major cities such as Boston, New York, Dallas, Chicago, and San Francisco.
LockBit has put the Federal Reserve on its Dark Web leak site on Sunday 23 June 2024, along with the demand the Fed appoint another negotiator after being low-balled in the ransom mediation. “You better hire another negotiator within 48 hours, and fire this clinical idiot who values American’s bank secrecy at $50,000”, the statement read.
The information included in the 33TB cache said to have been exfiltrated from the Federal Reserve was not confirmed in the listing, only that it includes confidential information of American banking. To date, the Federal Reserve has not confirmed the truth of the information or whether it was breached at the time of writing.
Security experts are also casting doubt over LockBit's claims. In a message on X discussing the incident, cyber security researcher Dominic Alvieri commented “someone is mad” and expressed some scepticism about how legitimate LockBit’s claims are. Alvieri noted that without any real evidence it is more likely the group is “just blowing off steam”.
Thomas Richards, principal consultant at the Synopsys Software Integrity Group, said, "The ransomware groups try to intimidate and make their notoriety bigger than it is, even with how well known and successful Lockbit has been in the past year. A statement from them would have caused concern within the US Federal Reserve until it was proven they did not access the systems."
In March this year the US Department of State announced a reward of $15 million for information leading to the arrest and/or conviction of any individual participating in a LockBit ransomware variant attack and for information leading to the identification and/or location of any key leaders of the LockBit ransomware. In May, LockBit’s official Dark Net website was siezed and then reactivated by international law enforcement following a Russian national, Dmitry Khoroshev, being identified as the leading figure in the cybercrime group..
LockBit is known for claiming high-profile targets, which are often dismissed by the companies involved.
In April 2023 the group announced it had breached Darktrace, a leading AI-driven cyber security company although these claims were swiftly rebutted by the company.
@AlvieriID | Techradar | ITPro | CyberWire | HackRead | @LockBit_News | CSO Online
You Might Also Read:
The Ransomware Threat Landscape Is Diversifying:
___________________________________________________________________________________________
If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible