Washington — A ransomware service provider that targeted more than 2,000 systems around the world, including U.S. hospitals and demanded hundreds of millions of dollars, was shut down on Monday, with Russian nationals targeted as part of an international plan to deploy malicious software. The charges were filed, the Justice Department announced Tuesday.
The cybercriminal network, known as LockBit, targets critical manufacturing, healthcare, and logistics components around the world, serving hackers who deploy malware on vulnerable systems and hold them hostage until a ransom is paid. We offer Officials say the attackers have extorted more than $120 million from victims and their program has evolved into one of the most notorious and active.
As part of this week's operation, the FBI and UK law enforcement partners seized a number of public platforms through which cybercriminals could initiate contact and participation with LockBit. Investigators also seized two servers in the United States that were used to transfer stolen victim data.
The home page of Rockbit's site has been replaced with the words “This site is now under the control of law enforcement,” along with the flags of the United Kingdom, the United States, and several other countries, according to the Associated Press.
Distributed via Reuters
According to Attorney General Merrick Garland, the United States and its allies will provide “keys” that can unlock attacked computer systems so that victims can “regain access to their data” and be freed from paying ransoms. “We took it one step further'' by obtaining the “.'' This move could potentially save hundreds of victims around the world.
Two Russians accused of using LockBit ransomware against businesses across the U.S., including Oregon, New York, Florida and Puerto Rico, were also targeted in New Jersey as part of the Department of Justice's recent efforts against the group. He was indicted.
Artur Sungatov and Ivan Kondratyev join a growing number of defendants accused by federal prosecutors of attacking U.S. institutions as part of the Rockbit program. A total of five people have now been charged, including the person who allegedly targeted police in Washington, D.C.
According to a joint cybersecurity advisory released last year by the FBI and the Cybersecurity and Infrastructure Security Agency, LockBit was the most commonly used ransomware version in 2022, and was government and emergency services, health care, manufacturing, and transportation.”
The LockBit network was first observed on a Russian-speaking cybercrime platform in 2020 and continued to evolve and grow, targeting computer platforms and various operating systems. According to the advisory, by 2022, 16% of ransomware attacks in the United States will be deployed by the LockBit group.
Traditionally, criminals gain access to vulnerable systems through phishing emails or when users visit infected sites while browsing the Internet. And US authorities have consistently warned users to avoid paying ransoms and to contact law enforcement.
Federal investigators have recently developed a new approach to combating ransomware attacks, which can not only cause significant harm to victims, but also damage the normal functioning of society. It's about providing victims with the tools they need to fight malware attacks.
Similar to Operation LockBit, in July 2022, the FBI Defeated an international ransomware group called Hive and collected decryption keys for the computer networks they had breached in what authorities called a “21st century high-tech cyber stakeout.” FBI agents then distributed the keys to victims whose networks were being held to ransom.
Then, in August, investigative authorities Qakbot botnet — A group of computers infected with a malware program used to carry out a cyberattack. Law enforcement gained access to her QakBot infrastructure and “redirected” her cyber activity to servers controlled by U.S. investigators. They were then able to inject malware with a program that freed the victim's computer from the botnet, freeing the malicious host.
Victims of the LockBit attack are encouraged to contact the FBI for further assistance.
