Article Details

LockBit ransomware disrupted by global police operation. Law enforcement agencies from 11 countries have disrupted the notorious LockBit ransomware operation in a joint operation known as ''Operation Cronos." According to a banner displayed on the gang's data leak website, LockBit's dark web leak site is now under the control of the National Crime Agency of the United Kingdom. "The site is now under the control of law enforcement. This site is now under the control of The National Crime Agency of the UK, Working in close cooperation with the FBI and the international law enforcement task force, Operation Cronos," the banner reads. "We can confirm that Lockbit's services have been disrupted as a result of International Law Enforcement action - this is an ongoing and developing operation." While the leak site is no longer accessible, showing the seizure banner embedded below or an "Unable to connect" error saying the connection was refused, the ransomware gang's other dark web sites (including other sites used to host data and send private messages to the gang) are all still up. The law enforcement agencies behind Operation Chronos are expected to publish a joint press release tomorrow at 12:30 CET. The LockBit ransomware-as-a-service (RaaS) operation surfaced in September 2019 and has since targeted a wide range of high-profile organizations worldwide, LockBit's victim list includes the UK Royal Mail, the City of Oakland, the Continental automotive giant, and the Italian Internal Revenue Service. Cybersecurity authorities in the United States and partners worldwide said in a joint advisory released in June that the LockBit gang has extorted at least $91 million from U.S. organizations following as many as 1,700 attacks since 2020.