A coalition of international law enforcement agencies, including the FBI and the UK’s National Crime Agency, announced that they have shut down LockBit, one of the most prolific hacking groups of all time, including shutting down websites the organization used to pay ransoms.
A statement on the group’s website published on Monday said it was «now under control» by the British agency, the FBI and other law enforcement agencies, transmits Bloomberg. According to an FBI spokesman, the operation involved law enforcement from 11 countries, which seized 11,000 domains used by LockBit and its affiliates to distribute ransomware. The operation, which covered LockBit’s infrastructure and targeted the malware deployment system, took place in recent days.
LockBit has caused tremendous damage and expense — it won’t do it again. We broke the hackers, took control of their infrastructure, extracted their source code, and obtained the keys to help victims decrypt their systems.
— Graham Biggar, Director General of the US National Crime Agency.
LockBit specializes in using malware known as ransomware to encrypt files on its victims’ computers and then demand payment to unlock the files.
The group was responsible for last year’s attack on the US branch of Industrial & Commercial Bank of China Ltd. that disrupted the US Treasury bond market worth $26 billion. It also took down a website used by Boeing to sell aircraft parts, software, and services.
Two LockBit members were arrested in Poland and Ukraine as part of the operation, according to a statement from the European Union’s law enforcement agency — Europol. Three international arrest warrants and five indictments were issued by French and American authorities, the agency said in a statement.
LockBit first became known in 2021, calling itself LockBit 1.0. In 2022, it became LockBit 2.0, and its latest iteration — LockBit Green. One of the group’s latest victims was EquilLend. The trading platform, which processes trillions of dollars in transactions per month, said the January 22 incident affected some automated securities lending services.
According to the FBI, 1,600 people in the United States and 2,000 worldwide have been affected by the hacker group. The vast majority of them are from the private sector, and the FBI said it is tracking 144 million ransoms paid in connection with the LockBit attacks.