‘We have hacked the hackers, taken control of their infrastructure, and obtained keys that would help victims decrypt their systems!’ These were the words of the British National Crime Agency Director as he spoke to reporters in London.
Who is LockBit?
If you are asking this question, you have been living under a rock in the cybersecurity world, but we will bring you up to speed.
LockBit, founded in 2019 as a small-time encryptor, morphed into a notorious RaaS operation (“Ransomware as a Service”, which simply means a business that leases its software and methods to others to use in extorting money), using double-extortion tactics and targeting critical sectors. Their 2022 reign as the most deployed ransomware solidified their threat (4 years was not enough time to take them seriously). They stood strong, steadily evolving from 2019 until today, one version at a time (LockBit 1.0, LockBit 2.0 and LockBit 3.0).
LockBit has been the target of a global law enforcement crackdown, with officials from 11 countries collaborating to disrupt the group's activities. The group has been known to make over $120 million by holding victims' data for ransom globally.
The Takedown
LockBit, once hailed as the "Rolls-Royce" of ransomware for its slick website and "legitimate business" tactics, met its match in a multi-national takedown operation. On the 19th of February, a message appeared on the Russia-based website stating it was 'now under control of law enforcement', with agencies posting a message directly addressing the hackers:
‘We may be in touch with you very soon, have a nice day.’
Law enforcement from 11 countries, including the UK's NCA and US FBI, collaborated to disable LockBit's infrastructure, seizing control of their website and source code. Five individuals have been charged, with seven arrests made, including two Russians facing extradition. Notably, the FBI offers a $10 million reward for information leading to the capture of their key suspect, Mikhail Pavlovich Matveev.
While the group primarily relied on the "permissive environment" in Russia, authorities don't believe the state was directly involved. LockBit gained notoriety in the UK for stealing data from its nuclear base, chemical weapons lab, and even high-security prisons, amassing millions in ransom demands.
This takedown marks a significant blow to cybercrime, dismantling a prolific operation responsible for billions of pounds in damages.
But as we all know, this might not be the end.