The National Crime Agency (NCA) of the United Kingdom, in collaboration with the FBI, has undertaken Operation Cronos to raid and seize the servers of the LockBit ransomware group, along with 28 affiliate servers, putting an end to the nefarious activities of this malware once and for all.
The NCA has obtained the source code of the LockBit server, along with extensive member information, and has also discovered decryption keys for over a thousand files, which will be used to assist victims going forward. Additionally, the servers contained data stolen by the LockBit group from victims, some of which indicated that victims had paid the ransom, providing evidence that LockBit did not delete the data even after receiving payment.
LockBit has been wreaking havoc since 2020, with the latest data showing over 2,000 victims, collectively paying over $120 million in ransom. One notable victim in Thailand was Bangkok Airways.
In addition to seizing servers, Europol has also aided in the arrest of 2 members of the group in Poland and Ukraine, confiscating over 200 cryptocurrency accounts.
Source: NCA, Justice.gov
TLDR: The NCA and FBI have successfully carried out Operation Cronos to dismantle the LockBit ransomware group and its affiliates, putting an end to their malicious activities.
Leave a Comment