LockBit Claims It Hacked The US Federal Reserve

Uploaded on 2024-06-26 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The LockBit cybercrime gang has claimed to have stolen an enormous database of 33 terabytes of confidential banking data from the US Federal Reserve, which includes sensitive banking information about American citizens.  

Although these claims sound far-fetched, the ransomware gang has warned the US government of a deadline, after which the allegedly stolen data could be leaked to the public.

If confirmed, the Federal Reserve breach would be one of the biggest banking hacks in US history. Being the central banking system of the country, the Federal Reserve operates 12 banking districts in major cities such as Boston, New York, Dallas, Chicago, and San Francisco.

LockBit has put the Federal Reserve on its Dark Web leak site on Sunday 23 June 2024, along with the demand the Fed appoint another negotiator after being low-balled in the ransom mediation. “You better hire another negotiator within 48 hours, and fire this clinical idiot who values American’s bank secrecy at $50,000”, the statement read.

The information included in the 33TB cache said to have been exfiltrated from the Federal Reserve was not confirmed in the listing, only that it includes confidential information of American banking. To date, the Federal Reserve has not confirmed the truth of the information or whether it was breached at the time of writing. 

Security experts are also casting doubt over LockBit's claims. In a message on X discussing the incident, cyber security researcher Dominic Alvieri commented “someone is mad” and expressed some scepticism about how legitimate LockBit’s claims are. Alvieri noted that without any real evidence it is more likely the group is “just blowing off steam”.

Thomas Richards, principal consultant at the Synopsys Software Integrity Group, said, "The ransomware groups try to intimidate and make their notoriety bigger than it is, even with how well known and successful Lockbit has been in the past year.  A statement from them would have caused concern within the US Federal Reserve until it was proven they did not access the systems."

In March this year the US Department of State announced a reward of $15 million for information leading to the arrest and/or conviction of any individual participating in a LockBit ransomware variant attack and for information leading to the identification and/or location of any key leaders of the LockBit ransomware. In May, LockBit’s official Dark Net website was siezed and then reactivated by international law enforcement following a Russian national, Dmitry Khoroshev, being  identified as the leading figure in the cybercrime group..

LockBit is known for claiming high-profile targets, which are often dismissed by the companies involved. 

In April 2023 the group announced it had breached Darktrace, a leading AI-driven cyber security company although these claims were swiftly rebutted by the company.

@AlvieriID    |   Techradar   |    ITPro   |    CyberWire   |   HackRead    |   @LockBit_News   |   CSO Online   

You Might Also Read: 

The Ransomware Threat Landscape Is Diversifying

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« Hacker, Spy, Or Journalist?
The Rising Threat Of Deepfakes »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Ciklum

Ciklum

Ciklum provide specialist software QA and testing services including Security QA and Performance QA, QA Automation and Manual QA.

CyberDefcon

CyberDefcon

CyberDefcon is an independent organization dedicated to the pursuit of making the internet a safer place.

Cyber Resilient Energy Delivery Consortium (CREDC)

Cyber Resilient Energy Delivery Consortium (CREDC)

CREDC performs multidisciplinary R&D in support of the Energy Sector Control Systems Working Group’s Roadmap of resilient Energy Delivery Systems (EDS).

Dark Cubed

Dark Cubed

Dark Cubed is an easy-to-use cyber security software as a service (SaaS) platform that deploys instantly and delivers enterprise-grade threat identification and protection at a fraction of the cost.

Infigo IS

Infigo IS

INFIGO IS specializes in information security consulting services. Our employees are leading information security experts in Croatia.

Navarino

Navarino

Navarino is the maritime industry’s most advanced communications and connectivity company. We develop advanced technologies and innovative IT solutions including cyber security.

IP Twins

IP Twins

IP Twins offer a wide range of services related to domain names and online brand protection.

Nubeva Technologies

Nubeva Technologies

Nubeva provide a breakthrough TLS Decrypt solution with Symmetric Key Intercept to gain the visibility needed to monitor and secure network traffic.

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

SEEDS conducts research and develops innovative cybersecurity technologies, tools, and methodologies that advance the energy sector’s ability to survive cyber incidents.

WhizHack Technologies

WhizHack Technologies

WhizHack's mission is to not only create a pipeline of cyber security products but also to empower people to sustainable innovation in securing digital assets of tomorrow.

Kennedys

Kennedys

Kennedys is a global law firm with expertise in litigation/dispute resolution and advisory services, particularly in the insurance/reinsurance and liability sectors, including cyber risk.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

Saudi Information Technology Company (SITE)

Saudi Information Technology Company (SITE)

SITE is a forward-thinking enterprise, which aims at revitalizing Saudi Arabia’s digital infrastructure, cybersecurity, software development, and big data and analytics capabilities.

IDVerse

IDVerse

IDVerse is focused on making user verification effortless through technology. We build intelligent tools that protect users from identity fraud while enabling a seamless user experience.

Zeus Cloud

Zeus Cloud

Zeus Cloud provide clients with world-class web hosting services to businesses both big and small.

IT-Schulungen.com / New Elements GmbH

IT-Schulungen.com / New Elements GmbH

Under the name IT-Schulungen.com, the Nuremberg-based New Elements GmbH has been operating one of the largest training centres in the German-speaking world for over 20 years.