In a significant breakthrough, the website associated with the infamous LockBit ransomware group has come under the control of police forces from eleven different countries. This development is part of an international operation aimed at dismantling a significant part of the group’s infrastructure.
LockBit refers to both a type of ‘ransomware’ and the criminal gang that employs it. It first came into existence in 2019, functioning as a ransomware-on-demand service, also known as ‘ransomware-as-a-service’ (RaaS). Its area of expertise lies in launching ‘ransomware’ type attacks, which involve blocking access to information on an infected computer, or part thereof, and demanding a ransom for its release. The group is considered one of the most widespread, being responsible for nearly 1,800 attacks.
An international police operation involving eleven countries has successfully taken control of the website used by the LockBit group. This operation was carried out by a coalition led by the United Kingdom’s National Crime Agency, in collaboration with the FBI and Europol, and has been in effect since Monday.
The operation, aptly named Operation Chronos, has also seized control of the Lockbit platform along with the information it stored. Specifically, it has taken over the affiliate panel, the LockBitm source code, and all the conversations and victim information, as reported by Bleeping Computer.
Despite the success of this operation in dismantling a part of LockBit’s infrastructure, the core of its operations lies in Russia, making arrests a challenging task, as per TechCrunch. The primary threat actor behind the group, known as Lockbitsupp, has reportedly sent out a message in Russian notifying his followers that the FBI has only managed to infiltrate the PHP servers, leaving the rest untouched.
