LockBit Resurrection

An international coalition of police agencies, including the US Federal Bureau of Investigation and the British National Crime Agency, have resurrected the Dark Web site of the notorious LockBit ransomware gang, which they disrupted and took offline earlier this year.  

In a related development the alleged leader of what was once the world’s largest ransomware outfit, LockBit, has been named as Russian national Dmitry Khoroshev by the UK’s National Crime Agency (NCA).

What was once LockBit’s official Dark Net site reappeared online with new posts that suggest the authorities are planning to soon release new information about the hackers. The posts have titles such as “Who is LockBitSupp?” “What have we learnt,” “More LB hackers exposed,” and “What have we been doing?”

Since the authorities announced what they called “Operation Cronos” against LockBit in February, the group’s leader, now identified as Dmitry Khoroshev and known under the pseudonym of has been taunting law enforcement claiming that its the effect of its takedown is exaggerated.

A law enforcement coalition that included the UK’s National Crime Agency, the US Federal Bureau of Investigation, and forces from Germany, Finland, France, Japan published that they had penetrated LockBit’s website.  The website was locked down and replaced with different content, in a clear attempt to threaten the hackers that the authorities were pursuing them. 

The February operation also included the arrests of two alleged LockBit members in Ukraine and Poland; the takedown of 34 servers across Europe, the UK, and the US; and the seizure of more than 200 cryptocurrency wallets belonging to the hackers.

LockBit was first detected t in 2019 and has subsequently turned inn to one of the most prolific ransomware gangs in the world, netting millions of dollars in ransom payments. 

Recently, the hacking collective vx-underground published on X that they had spoken to LockBit’s administrative staff, who had told them the police were lying. “I don’t understand why they’re putting on this little show. They’re clearly upset we continue to work,” the staff said, according to vx-underground.

Indeed, Lockbit has proven to be very resilient. Even after February’s takedown, the gang came back with a new dark web leak site, which has been actively updated with new apparent victims.  All the new posts on the seized website, except for one, have a countdown, suggesting that law enforcement will announce the further actions against LockBit. 

@vxunderground    |   The Record   |     Techcrunch   |    Techcrunch   |    PCMag   |    SlashDot   |   LinkedIn   | 

Guardian   |  

Image: Ideogram

You Might Also Read: 

Prioritising  Prevention Is Better Than Paying Ransom:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

__________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Is A Passwordless Future A More Secure Future?
Mobile Gambling - Sportsbooks Face Growing Fraud »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Group-IB

Group-IB

Group-IB is a leading provider of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and protecting intellectual property.

F5 Networks

F5 Networks

F5 products ensure that network applications are always secure and perform the way they should—anywhere, any time, and on any device.

SKKU Security Lab (seclab)

SKKU Security Lab (seclab)

SKKU Security Lab supports research and education in information security engineering. The lab is a part of the College of Software, Sungkyunkwan University.

Plurilock Security Solutions

Plurilock Security Solutions

Plurilock is a real-time cybersecurity solution that uses artificial intelligence to identify, prevent, and eliminate insider threats.

Intelligent Business Solutions Cyprus (IBSCY)

Intelligent Business Solutions Cyprus (IBSCY)

IBSCY Ltd is a leading provider of total IT solutions and services in Cyprus specializing in the areas of cloud services and applications, systems integration, IT infrastructure and security.

Safetica

Safetica

Safetica Technologies is a Czech software company that delivers data protection solutions for businesses of all types and sizes.

Zuratrust

Zuratrust

Zuratrust provide protection for all kinds of email related cyber attacks.

Data Eliminate

Data Eliminate

Data Eliminate provide data destruction, secure end-of-life IT asset disposal, and data protection consultancy services.

KBR

KBR

To help governments and other agencies to combat cyber threats, KBR is safeguarding their most valuable systems with sophisticated tools, hardware and training.

WolfSSL

WolfSSL

wolfSSL is an embedded SSL/TLS library providing secure communication for IoT, smart grid, connected home, routers, applications, games, phones, and more.

MetaWeb Ventures

MetaWeb Ventures

MetaWeb Ventures is a global venture capital firm focused on pre-seed and seed investments in crypto start-ups.

Globesecure Technologies

Globesecure Technologies

Globesecure Technologies is a networks and cyber security company. We are here to resolve business security challenges and secure the digital transformation journey of our clients.

Communications Fraud Control Association (CFCA)

Communications Fraud Control Association (CFCA)

CFCA is the premier International Association for fraud risk management, fraud prevention and profitability control.

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

Health Sector Cybersecurity Coordination Center (HC3)

Health Sector Cybersecurity Coordination Center (HC3)

HC3 was created by the US Department of Health and Human Services to aid in the protection of vital, controlled, healthcare-related information.