The infamous state-sponsored ransomware gang, LockBit, has been successfully infiltrated by authorities from over 10 countries.
The authorities slipped into the back end of LockBit’s security systems before taking screenshots and records of the hacker’s activity. At the same time, authorities took control of several of their systems, making it impossible for LockBit actors to operate. The official LockBit website is currently in the process of being taken down.
“At present, a vast amount of data gathered throughout the investigation is now in the possession of law enforcement,” Europol said in a statement.
Law enforcement agencies in the US, UK, Europol, and other countries came together to stop one of the most notorious ransomware gangs in history.
“Two LockBit actors have been arrested in Poland and Ukraine at the request of the French judicial authorities. The French and US judicial authorities have also issued three international arrest warrants and five indictments,” Europol said.
In 2022, Lockbit was the most distributed malware in the world. The group operated as a Ransomware as a Service model (RaaS), selling its tools to international hacking groups while carrying out devastating attacks.
The Russian state-sponsored group is known to target critical infrastructure, such as when it hacked Royal Mail and ransomed the data in an attempt to disrupt the UK.
For years, the group went unchecked, but thanks to the collaboration of international agencies, they’ve been temporarily stopped. Even its dark web forums and websites now have “the site is now under the control of law enforcement,” plastered on the front page.
“Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems. As of today, LockBit is locked out. We have damaged the capability and, most notably, the credibility of a group that depended on secrecy and anonymity.”