Law enforcement appears to have taken over an online site run by a major criminal organization that orchestrates ransomware cyberattacks.
This site belongs to the LockBit group.
It sells a service that allows people to hack into computer networks and hold data until a ransom is paid.
On Monday night, a message appeared on the group's website saying it was “currently under the control of law enforcement.”
“This site is under the control of the UK National Crime Agency, working closely with the FBI and the international law enforcement force Operation Chronos,” the message said.
It added that this was an “ongoing and developing operation” and added: “Please return here at 11:30 (Japan time) on Tuesday, February 20th for more information.”
The operation was carried out by a coalition of the UK's National Crime Agency, the US Federal Bureau of Investigation, Europol and international law enforcement agencies, according to a post on Rockbit's website.
The UK's National Cyber Security Center (NCSC), along with partners in the US, Australia, Canada, France, Germany and New Zealand, previously warned of the “persistent threat” posed by the group.
A statement last year said LockBit's eponymous software was the “most deployed ransomware variant” worldwide in 2022, adding that it “continues to be prolific so far in 2023.” There is.
LockBit has been involved in a number of high-profile hacks, including the UK's Royal Mail in early 2023. The group and its affiliates make money by stealing sensitive data and threatening to leak it unless victims pay a ransom.
LockBit was first discovered in 2020, and some analysts believe the group is based in Russia, as the software surfaced on Russian-language forums, according to Reuters.