LockBit Resurrection

Uploaded on 2024-05-10 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

An international coalition of police agencies, including the US Federal Bureau of Investigation and the British National Crime Agency, have resurrected the Dark Web site of the notorious LockBit ransomware gang, which they disrupted and took offline earlier this year.  

In a related development the alleged leader of what was once the world’s largest ransomware outfit, LockBit, has been named as Russian national Dmitry Khoroshev by the UK’s National Crime Agency (NCA).

What was once LockBit’s official Dark Net site reappeared online with new posts that suggest the authorities are planning to soon release new information about the hackers. The posts have titles such as “Who is LockBitSupp?” “What have we learnt,” “More LB hackers exposed,” and “What have we been doing?”

Since the authorities announced what they called “Operation Cronos” against LockBit in February, the group’s leader, now identified as Dmitry Khoroshev and known under the pseudonym of has been taunting law enforcement claiming that its the effect of its takedown is exaggerated.

A law enforcement coalition that included the UK’s National Crime Agency, the US Federal Bureau of Investigation, and forces from Germany, Finland, France, Japan published that they had penetrated LockBit’s website.  The website was locked down and replaced with different content, in a clear attempt to threaten the hackers that the authorities were pursuing them. 

The February operation also included the arrests of two alleged LockBit members in Ukraine and Poland; the takedown of 34 servers across Europe, the UK, and the US; and the seizure of more than 200 cryptocurrency wallets belonging to the hackers.

LockBit was first detected t in 2019 and has subsequently turned inn to one of the most prolific ransomware gangs in the world, netting millions of dollars in ransom payments. 

Recently, the hacking collective vx-underground published on X that they had spoken to LockBit’s administrative staff, who had told them the police were lying. “I don’t understand why they’re putting on this little show. They’re clearly upset we continue to work,” the staff said, according to vx-underground.

Indeed, Lockbit has proven to be very resilient. Even after February’s takedown, the gang came back with a new dark web leak site, which has been actively updated with new apparent victims.  All the new posts on the seized website, except for one, have a countdown, suggesting that law enforcement will announce the further actions against LockBit. 

@vxunderground    |   The Record   |     Techcrunch   |    Techcrunch   |    PCMag   |    SlashDot   |   LinkedIn   | 

Guardian   |  

Image: Ideogram

You Might Also Read: 

Prioritising  Prevention Is Better Than Paying Ransom:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

__________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Is A Passwordless Future A More Secure Future?
Mobile Gambling - Sportsbooks Face Growing Fraud »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer SIT is a research centre specialising in all areas of IT security.

Cyber Risk & Insurance Forum (CRIF)

Cyber Risk & Insurance Forum (CRIF)

CRIF helps organisations understand cyber risks and the damage that might occur by supporting the development of effective insurance solutions.

Deep Instinct

Deep Instinct

Deep Instinct provides comprehensive defense that is designed to protect against the most evasive unknown malware in real-time, across an organization’s endpoints, servers, and mobile devices.

Cybersixgill

Cybersixgill

Cybersixgill was founded with a single mission: to protect organizations against malicious cyber attacks that come from the deep and dark web, before they materialize.

Aveshka

Aveshka

Aveshka is a professional services firm focused on addressing complex threats and challenges including Cybersecurity and Information Technology.

CSIRT-CY

CSIRT-CY

CSIRT-CY is the National Computer Security Incident Response Team for Cyprus.

CERT Tonga

CERT Tonga

CERT Tonga is the national Computer Emergency Response Team for Tonga.

Cyber Wales

Cyber Wales

Cyber Wales provides a focus and forum for everyone in the industry, helping businesses come together and collaborate both within Wales and internationally.

CONCORDIA

CONCORDIA

Concordia is a Cybersecurity Competence Network with leading research, technology, and competences to build the European Secure, Resilient and Trusted Ecosystem.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

Aigner Business Solutions

Aigner Business Solutions

Aigner Business Solutions GmbH is a specialist in IT-Security and Data Protection. Concise and focussed.

Apex Systems

Apex Systems

Apex Systems is a world-class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions.

Arctic Group

Arctic Group

Arctic Group is a Swedish service provider focusing on cybersecurity, integration services and deployment of software development tools.

Web3fied

Web3fied

Web3fied is a seed stage company building the future of decentralized digital identity and credentials management.

Opal Security

Opal Security

Opal is an identity and access management platform that offers a consolidated view and control of your whole ecosystem from on-prem to cloud and SaaS.

Barrier Networks

Barrier Networks

Barrier Networks are a Cyber Security Managed Service Provider that specialises in Network and Application security.