One of the world’s biggest criminal hacking gangs on Tuesday woke up to a startling discovery: Law enforcement, after taking over their main Web site on Monday, were now threatening to reveal their personal details and data about their cybercrime organization.
The group, LockBit, had become notorious in cybercrime circles for using malicious software called ransomware to digitally extort victims, relying on underground marketing campaigns to boost its profile.
At one point, LockBit had promised US$1,000 to anyone who tattooed their logo on themselves, cybersecurity researchers said.
Photo: Handout via Reuters
The group’s ringleader, known by the online moniker “LockBitSupp,” had also become so confident in their own anonymity that they had promised US$10 million to the first person who could find and unmask them, the British National Crime Agency (NCA) said.
The international law enforcement operation, which had posted on the extortion Web site on Monday that it had taken control, on Tuesday said it had re-engineered LockBit’s core online system — mimicking the countdown clock that LockBit used in extortion attempts and posing its own US$10 million challenge, a review of LockBit’s “dark Web” site showed.
The core online system was re-engineered to target the hackers in the same way they had terrorized victims: with an advent calendar-like series of tiles, each marked with a countdown timer that, upon reaching zero, published stolen data.
Across the Web site’s front page, where victim names once stood, law enforcement agencies replaced the text and links with internal data obtained by hacking the hackers themselves.
The resulting display was a smorgasbord of law enforcement action against LockBit, which included indictments, sanctions, a tool with which victims can decrypt their data, and a new countdown with two days left on the clock which asked: “Who is LockBitSupp? The $10 million question.”
Before it was taken down, LockBit’s Web site had displayed an ever-growing gallery of victim organizations that was updated nearly daily. Next to the names were digital clocks showing the number of days left to the deadline given to each organization to provide ransom payment.
In June last year, technology news Web site TechCrunch said that LockBit had targeted Taiwan Semiconductor Manufacturing Co, a month after claiming responsibility for a ransomware attack against a plant in Mexico owned by Taiwan’s Hon Hai Precision Industry Co.
The unique law enforcement operation was the result of a years-long investigation by international police agencies and was designed to undermine the group’s credibility in the criminal underground, officials said.
“LockBit’s affiliates should be very concerned right now, especially as law enforcement continues to make decryptors available to victims,” Mandiant Consulting chief technology officer Charles Carmakal said.
The US has charged two Russian nationals with deploying LockBit ransomware against companies and groups around the world. Police in Poland and Ukraine made two arrests.
Before it was seized by police, LockBit would often publish caches of stolen data from victimized companies that did not pay — such as personal private information of customers, medical records, internal billing data and the communications of internal staff, among other things.
The leaks were intended to harm the reputation of victims and put them in legal jeopardy, netting LockBit more than US$120 million in ransom payments, experts said.
NCA Director-General Graeme Biggar on Tuesday told reporters that the true cost, including money spent by organizations and corporations scrambling to regain access to their networks and the effect on business, could have amounted to losses totaling Additional reporting by staff writer
STEPPING UP: Diminished US polar science presence mean opportunities for the UK and other countries, although China or Russia might also fill that gap, a researcher said The UK’s flagship polar research vessel is to head to Antarctica next week to help advance dozens of climate change-linked science projects, as Western nations spearhead studies there while the US withdraws. The RRS Sir David Attenborough, a state-of-the-art ship named after the renowned British naturalist, would aid research on everything from “hunting underwater tsunamis” to tracking glacier melt and whale populations. Operated by the British Antarctic Survey (BAS), the country’s polar research institute, the 15,000-tonne icebreaker — boasting a helipad, and various laboratories and gadgetry — is pivotal to the UK’s efforts to assess climate change’s impact there. “The saying goes
Floods on Sunday trapped people in vehicles and homes in Spain as torrential rain drenched the northeastern Catalonia region, a day after downpours unleashed travel chaos on the Mediterranean island of Ibiza. Local media shared videos of roaring torrents of brown water tearing through streets and submerging vehicles. National weather agency AEMET decreed the highest red alert in the province of Tarragona, warning of 180mm of rain in 12 hours in the Ebro River delta. Catalan fire service spokesman Oriol Corbella told reporters people had been caught by surprise, with people trapped “inside vehicles, in buildings, on ground floors.” Santa Barbara Mayor Josep Lluis
Police in China detained dozens of pastors of one of its largest underground churches over the weekend, a church spokesperson and relatives said, in the biggest crackdown on Christians since 2018. The detentions, which come amid renewed China-US tensions after Beijing dramatically expanded rare earth export controls last week, drew condemnation from US Secretary of State Marco Rubio, who on Sunday called for the immediate release of the pastors. Pastor Jin Mingri (金明日), founder of Zion Church, an unofficial “house church” not sanctioned by the Chinese government, was detained at his home in the southern city of Beihai on Friday evening, said
TICKING CLOCK: A path to a budget agreement was still possible, the president’s office said, as a debate on reversing an increase of the pension age carries on French President Emmanuel Macron yesterday was racing to find a new prime minister within a two-day deadline after the resignation of outgoing French Prime Minister Sebastien Lecornu tipped the country deeper into political crisis. The presidency late on Wednesday said that Macron would name a new prime minister within 48 hours, indicating that the appointment would come by this evening at the latest. Lecornu told French television in an interview that he expected a new prime minister to be named — rather than early legislative elections or Macron’s resignation — to resolve the crisis. The developments were the latest twists in three tumultuous
RSS