A dark web site belonging to the world’s most infamous ransomware gang has been seized by the Federal Bureau of Investigation (FBI) and its international allies. The multinational ransomware gang known as LockBit had been in the headlines for years for routinely extorting money from individuals, multinational companies as well as governments.
While the full extent of the cyber effort codenamed ‘Operation Cronos’ by intelligence partners is unknown at this stage, a message on the group’s .onion website shows a seizure banner.
“We can confirm that Lockbit’s services have been disrupted as a result of International Law Enforcement action — this is an ongoing and developing operation,” read the message posted on Monday (Feb 19).
“The website is under the control of the National Crime Agency (NCA) of the UK, working in close cooperation with the FBI and the international law enforcement task force, ‘Operation Cronos’,” the message added, along with the seals of the FBI, NCA and several other law enforcement agencies from Australia to Germany.
A CNN report stated that the agencies will publicly disclose more details of the operation on Tuesday (Feb 20).
According to malware research group VX-Underground, the infamous hacker group was compromised and its website was taken down by exploiting a critical security flaw impacting PHP (CVE-2023-3824, CVSS score: 9.8) that could lead to remote code execution.
LockBit’s emergence
LockBit first made waves on the global scene in 2019 and since then it has been the most active and infamous ransomware gang, claiming more than 2,000 victims.
The British authorities warned last year that LockBit’s eponymous software remained the “most deployed ransomware variant” the world over in 2022 and that it “continues to be prolific to this point in 2023”.
LockBit was behind the major cyberattack on the UK’s Royal Mail in early 2023, which forced the mail service to plead with customers to stop sending any international mail.
Additionally, LockBit claimed responsibility for ransomware attacks on the Industrial and Commercial Bank of China and Fulton County, Georgia, in recent months.
LockBit’s website being hacked by the authorities comes against the backdrop of the BlackCat ransomware group being dismantled by the US authorities a few months ago.
(With inputs from agencies)