LockBit Claims It Hacked The US Federal Reserve

Uploaded on 2024-06-26 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The LockBit cybercrime gang has claimed to have stolen an enormous database of 33 terabytes of confidential banking data from the US Federal Reserve, which includes sensitive banking information about American citizens.  

Although these claims sound far-fetched, the ransomware gang has warned the US government of a deadline, after which the allegedly stolen data could be leaked to the public.

If confirmed, the Federal Reserve breach would be one of the biggest banking hacks in US history. Being the central banking system of the country, the Federal Reserve operates 12 banking districts in major cities such as Boston, New York, Dallas, Chicago, and San Francisco.

LockBit has put the Federal Reserve on its Dark Web leak site on Sunday 23 June 2024, along with the demand the Fed appoint another negotiator after being low-balled in the ransom mediation. “You better hire another negotiator within 48 hours, and fire this clinical idiot who values American’s bank secrecy at $50,000”, the statement read.

The information included in the 33TB cache said to have been exfiltrated from the Federal Reserve was not confirmed in the listing, only that it includes confidential information of American banking. To date, the Federal Reserve has not confirmed the truth of the information or whether it was breached at the time of writing. 

Security experts are also casting doubt over LockBit's claims. In a message on X discussing the incident, cyber security researcher Dominic Alvieri commented “someone is mad” and expressed some scepticism about how legitimate LockBit’s claims are. Alvieri noted that without any real evidence it is more likely the group is “just blowing off steam”.

Thomas Richards, principal consultant at the Synopsys Software Integrity Group, said, "The ransomware groups try to intimidate and make their notoriety bigger than it is, even with how well known and successful Lockbit has been in the past year.  A statement from them would have caused concern within the US Federal Reserve until it was proven they did not access the systems."

In March this year the US Department of State announced a reward of $15 million for information leading to the arrest and/or conviction of any individual participating in a LockBit ransomware variant attack and for information leading to the identification and/or location of any key leaders of the LockBit ransomware. In May, LockBit’s official Dark Net website was siezed and then reactivated by international law enforcement following a Russian national, Dmitry Khoroshev, being  identified as the leading figure in the cybercrime group..

LockBit is known for claiming high-profile targets, which are often dismissed by the companies involved. 

In April 2023 the group announced it had breached Darktrace, a leading AI-driven cyber security company although these claims were swiftly rebutted by the company.

@AlvieriID    |   Techradar   |    ITPro   |    CyberWire   |   HackRead    |   @LockBit_News   |   CSO Online   

You Might Also Read: 

The Ransomware Threat Landscape Is Diversifying

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« Hacker, Spy, Or Journalist?
The Rising Threat Of Deepfakes »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Lacuna Talent

Lacuna Talent

Lacuna Talent delivers the combined power of Via Resource, the international Cyber Security recruiter, and Lacuna Talent, the Specialist AI/Data recruiter.

Menlo Security

Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email.

Copenhagen FinTech

Copenhagen FinTech

Copenhagen FinTech is a centre for R&D and innovation in the Danish finance IT sector. Focus areas include cyber security and payments platforms.

Nation-E

Nation-E

Nation-E offers innovative cyber security solutions for industrial installations, critical infrastructure and smart grids.

Seculert

Seculert

The Seculert Attack Detection & Analytics Platform combines machine-learning based analytics and threat intelligence to automatically detect cyber attacks inside the network.

Garland Technology

Garland Technology

Garland Technology specializes in network access points (TAPs) for 100% visibility allowing you to see every bit, byte, and packet flowing through your network.

Identifi Global Recruitment

Identifi Global Recruitment

Identifi Global is one of the UK's leading Cyber Security & IT Recruitment specialists.

Meterian

Meterian

The Meterian Platform is a fuss-free solution to protect you against vulnerabilities in your app’s software supply chain.

Presidio

Presidio

Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.

01 Communique Laboratory

01 Communique Laboratory

01 Communique Laboratory is an innovation leader in the new realm of Post-Quantum Cyber Security.

IDX

IDX

IDX is the leading consumer privacy platform built for agility in the digital age.

Astrix Security

Astrix Security

Astrix enables security teams to instantly see through the fog of connects and detect redundant, misconfigured and malicious third-party exposure to their critical systems.

Collabera Digital

Collabera Digital

Collabera Digital engineer the next generation of solutions that power tech-forward organizations and create an impact on people and communities.

HaystackID

HaystackID

HaystackID provides industry-leading computer forensics, eDiscovery, and attorney document review experts to help with complex, data-intensive investigations and litigation.

Digital & Intelligence Service (DIS) - Singapore

Digital & Intelligence Service (DIS) - Singapore

DIS is the fourth Service of the SAF, here to defend and dominate in the digital domain, and achieve peace and security for our land.

8kSec

8kSec

8kSec is a cybersecurity company specializing in training, consulting, and research.