One of the world’s biggest criminal hacking gangs on Tuesday woke up to a startling discovery: Law enforcement, after taking over their main Web site on Monday, were now threatening to reveal their personal details and data about their cybercrime organization.
The group, LockBit, had become notorious in cybercrime circles for using malicious software called ransomware to digitally extort victims, relying on underground marketing campaigns to boost its profile.
At one point, LockBit had promised US$1,000 to anyone who tattooed their logo on themselves, cybersecurity researchers said.
Photo: Handout via Reuters
The group’s ringleader, known by the online moniker “LockBitSupp,” had also become so confident in their own anonymity that they had promised US$10 million to the first person who could find and unmask them, the British National Crime Agency (NCA) said.
The international law enforcement operation, which had posted on the extortion Web site on Monday that it had taken control, on Tuesday said it had re-engineered LockBit’s core online system — mimicking the countdown clock that LockBit used in extortion attempts and posing its own US$10 million challenge, a review of LockBit’s “dark Web” site showed.
The core online system was re-engineered to target the hackers in the same way they had terrorized victims: with an advent calendar-like series of tiles, each marked with a countdown timer that, upon reaching zero, published stolen data.
Across the Web site’s front page, where victim names once stood, law enforcement agencies replaced the text and links with internal data obtained by hacking the hackers themselves.
The resulting display was a smorgasbord of law enforcement action against LockBit, which included indictments, sanctions, a tool with which victims can decrypt their data, and a new countdown with two days left on the clock which asked: “Who is LockBitSupp? The $10 million question.”
Before it was taken down, LockBit’s Web site had displayed an ever-growing gallery of victim organizations that was updated nearly daily. Next to the names were digital clocks showing the number of days left to the deadline given to each organization to provide ransom payment.
In June last year, technology news Web site TechCrunch said that LockBit had targeted Taiwan Semiconductor Manufacturing Co, a month after claiming responsibility for a ransomware attack against a plant in Mexico owned by Taiwan’s Hon Hai Precision Industry Co.
The unique law enforcement operation was the result of a years-long investigation by international police agencies and was designed to undermine the group’s credibility in the criminal underground, officials said.
“LockBit’s affiliates should be very concerned right now, especially as law enforcement continues to make decryptors available to victims,” Mandiant Consulting chief technology officer Charles Carmakal said.
The US has charged two Russian nationals with deploying LockBit ransomware against companies and groups around the world. Police in Poland and Ukraine made two arrests.
Before it was seized by police, LockBit would often publish caches of stolen data from victimized companies that did not pay — such as personal private information of customers, medical records, internal billing data and the communications of internal staff, among other things.
The leaks were intended to harm the reputation of victims and put them in legal jeopardy, netting LockBit more than US$120 million in ransom payments, experts said.
NCA Director-General Graeme Biggar on Tuesday told reporters that the true cost, including money spent by organizations and corporations scrambling to regain access to their networks and the effect on business, could have amounted to losses totaling Additional reporting by staff writer
In the sweltering streets of Jakarta, buskers carry towering, hollow puppets and pass around a bucket for donations. Now, they fear becoming outlaws. City authorities said they would crack down on use of the sacred ondel-ondel puppets, which can stand as tall as a truck, and they are drafting legislation to remove what they view as a street nuisance. Performances featuring the puppets — originally used by Jakarta’s Betawi people to ward off evil spirits — would be allowed only at set events. The ban could leave many ondel-ondel buskers in Jakarta jobless. “I am confused and anxious. I fear getting raided or even
POLITICAL PATRIARCHS: Recent clashes between Thailand and Cambodia are driven by an escalating feud between rival political families, analysts say The dispute over Thailand and Cambodia’s contested border, which dates back more than a century to disagreements over colonial-era maps, has broken into conflict before. However, the most recent clashes, which erupted on Thursday, have been fueled by another factor: a bitter feud between two powerful political patriarchs. Cambodian Senate President and former prime minister Hun Sen, 72, and former Thai prime minister Thaksin Shinawatra, 76, were once such close friends that they reportedly called one another brothers. Hun Sen has, over the years, supported Thaksin’s family during their long-running power struggle with Thailand’s military. Thaksin and his sister Yingluck stayed
Kemal Ozdemir looked up at the bare peaks of Mount Cilo in Turkey’s Kurdish majority southeast. “There were glaciers 10 years ago,” he recalled under a cloudless sky. A mountain guide for 15 years, Ozdemir then turned toward the torrent carrying dozens of blocks of ice below a slope covered with grass and rocks — a sign of glacier loss being exacerbated by global warming. “You can see that there are quite a few pieces of glacier in the water right now ... the reason why the waterfalls flow lushly actually shows us how fast the ice is melting,” he said.
RESTRUCTURE: Myanmar’s military has ended emergency rule and announced plans for elections in December, but critics said the move aims to entrench junta control Myanmar’s military government announced on Thursday that it was ending the state of emergency declared after it seized power in 2021 and would restructure administrative bodies to prepare for the new election at the end of the year. However, the polls planned for an unspecified date in December face serious obstacles, including a civil war raging over most of the country and pledges by opponents of the military rule to derail the election because they believe it can be neither free nor fair. Under the restructuring, Myanmar’s junta chief Min Aung Hlaing is giving up two posts, but would stay at the
RSS