LockBit Resurrection

An international coalition of police agencies, including the US Federal Bureau of Investigation and the British National Crime Agency, have resurrected the Dark Web site of the notorious LockBit ransomware gang, which they disrupted and took offline earlier this year.  

In a related development the alleged leader of what was once the world’s largest ransomware outfit, LockBit, has been named as Russian national Dmitry Khoroshev by the UK’s National Crime Agency (NCA).

What was once LockBit’s official Dark Net site reappeared online with new posts that suggest the authorities are planning to soon release new information about the hackers. The posts have titles such as “Who is LockBitSupp?” “What have we learnt,” “More LB hackers exposed,” and “What have we been doing?”

Since the authorities announced what they called “Operation Cronos” against LockBit in February, the group’s leader, now identified as Dmitry Khoroshev and known under the pseudonym of has been taunting law enforcement claiming that its the effect of its takedown is exaggerated.

A law enforcement coalition that included the UK’s National Crime Agency, the US Federal Bureau of Investigation, and forces from Germany, Finland, France, Japan published that they had penetrated LockBit’s website.  The website was locked down and replaced with different content, in a clear attempt to threaten the hackers that the authorities were pursuing them. 

The February operation also included the arrests of two alleged LockBit members in Ukraine and Poland; the takedown of 34 servers across Europe, the UK, and the US; and the seizure of more than 200 cryptocurrency wallets belonging to the hackers.

LockBit was first detected t in 2019 and has subsequently turned inn to one of the most prolific ransomware gangs in the world, netting millions of dollars in ransom payments. 

Recently, the hacking collective vx-underground published on X that they had spoken to LockBit’s administrative staff, who had told them the police were lying. “I don’t understand why they’re putting on this little show. They’re clearly upset we continue to work,” the staff said, according to vx-underground.

Indeed, Lockbit has proven to be very resilient. Even after February’s takedown, the gang came back with a new dark web leak site, which has been actively updated with new apparent victims.  All the new posts on the seized website, except for one, have a countdown, suggesting that law enforcement will announce the further actions against LockBit. 

@vxunderground    |   The Record   |     Techcrunch   |    Techcrunch   |    PCMag   |    SlashDot   |   LinkedIn   | 

Guardian   |  

Image: Ideogram

You Might Also Read: 

Prioritising  Prevention Is Better Than Paying Ransom:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

__________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Is A Passwordless Future A More Secure Future?
Mobile Gambling - Sportsbooks Face Growing Fraud »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Roka Security

Roka Security

Roka Security is a boutique security firm specializing in full-scale network protection, defending against advanced attacks, and rapid response to security incidents.

Arxan Technologies

Arxan Technologies

Arxan is a leader of application attack-prevention and self-protection products for Internet of Things (IoT), Mobile, Desktop, and other applications.

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

Cyber Exec

Cyber Exec

Cyber Exec is an executive search firm dedicated to global talent acquisition in Cyber Security, Information Technology, Defense...

Norton Rose Fulbright

Norton Rose Fulbright

Norton Rose Fulbright is a global business law firm. Practice areas include Data protection, Privacy and Cybersecurity.

Security Network Munich

Security Network Munich

Security Network Munich brings together leading players in the field of information and cyber security through joint research and innovation projects.

OneWelcome

OneWelcome

Onegini and iWelcome have merged to become OneWelcome, the largest European Identity Access Management Saas Vendor.

Radiflow

Radiflow

Radiflow is a leading provider of cyber security solutions for critical infrastructure networks (i.e. SCADA), such as power utilities, oil & gas, water and others.

Ntirety

Ntirety

Ntirety Managed Security Services offer enterprise businesses the advanced tools, processes, and support to ensure your infrastructure, networks, and mission-critical applications are secure.

Guardian Data Destruction

Guardian Data Destruction

Guardian Data Destruction provides a comprehensive suite of onsite e-data destruction services.

Alpine Cyber Solutions

Alpine Cyber Solutions

Alpine Cyber is a Managed IT Service Provider focused on cybersecurity and cloud services.

MassMutual Ventures

MassMutual Ventures

Mass Mutual ventures backs companies building category-defining businesses in markets including enterprise software, digital health, cybersecurity, and fintech.

Internet Security Research Group (ISRG)

Internet Security Research Group (ISRG)

ISRG's mission is to reduce financial, technological, and educational barriers to secure communication over the Internet.

Tetrate.io

Tetrate.io

Tetrate Service Bridge provides enterprises with a consistent, unified way to connect and secure services across an entire mesh-managed environment.

SensCy

SensCy

SensCy is a Trusted Guide for Sensible Cybersecurity for small and medium-sized organizations.

Secomea

Secomea

Secomea redefines manufacturing plant security by combining internationally recognized industry best practices as critical components of our robust cybersecurity strategy.