Lockbit cybercrime gang says it is back online
Lockbit, a cybercrime gang known for using ransomware to extort victims, claims to have restored its servers after being targeted by an international police operation. Last week, authorities arrested and indicted members of the group, and even taunted its leaders using their website. Lockbit alleges that law enforcement hacked their dark website using a vulnerability in their code.
The recent disruption of the Lockbit cybercrime gang was carried out by an international law enforcement operation involving the UK’s National Crime Agency, the U.S. Federal Bureau of Investigation, Europol, and other global police agencies.
Sophos on Lockbit
Chester Wisniewski, Director, Global Field CTO, Sophos, had this to say on the matter:
Lockbit rose to be the most prolific ransomware group since Conti departed the scene in mid-2022. The frequency of its attacks, combined with having no limits to what type of infrastructure it cripples has also made it the most destructive in recent years. Anything that disrupts its operations and sows distrust amongst its affiliates and suppliers is a huge win for law enforcement.
We shouldn’t celebrate too soon though. Much of its infrastructure is still online, which likely means it is outside the grasp of the police and the criminals have not been reported to have been apprehended. Even if we don’t always get a complete victory, like has happened with Qakbot, imposing disruption, fueling their fear of getting caught and increasing the friction of operating their criminal syndicate is still a win. We must continue to band together to raise their costs ever higher until we can put all of them where they belong – in jail.