One of the world’s biggest criminal hacking gangs on Tuesday woke up to a startling discovery: Law enforcement, after taking over their main Web site on Monday, were now threatening to reveal their personal details and data about their cybercrime organization.
The group, LockBit, had become notorious in cybercrime circles for using malicious software called ransomware to digitally extort victims, relying on underground marketing campaigns to boost its profile.
At one point, LockBit had promised US$1,000 to anyone who tattooed their logo on themselves, cybersecurity researchers said.
Photo: Handout via Reuters
The group’s ringleader, known by the online moniker “LockBitSupp,” had also become so confident in their own anonymity that they had promised US$10 million to the first person who could find and unmask them, the British National Crime Agency (NCA) said.
The international law enforcement operation, which had posted on the extortion Web site on Monday that it had taken control, on Tuesday said it had re-engineered LockBit’s core online system — mimicking the countdown clock that LockBit used in extortion attempts and posing its own US$10 million challenge, a review of LockBit’s “dark Web” site showed.
The core online system was re-engineered to target the hackers in the same way they had terrorized victims: with an advent calendar-like series of tiles, each marked with a countdown timer that, upon reaching zero, published stolen data.
Across the Web site’s front page, where victim names once stood, law enforcement agencies replaced the text and links with internal data obtained by hacking the hackers themselves.
The resulting display was a smorgasbord of law enforcement action against LockBit, which included indictments, sanctions, a tool with which victims can decrypt their data, and a new countdown with two days left on the clock which asked: “Who is LockBitSupp? The $10 million question.”
Before it was taken down, LockBit’s Web site had displayed an ever-growing gallery of victim organizations that was updated nearly daily. Next to the names were digital clocks showing the number of days left to the deadline given to each organization to provide ransom payment.
In June last year, technology news Web site TechCrunch said that LockBit had targeted Taiwan Semiconductor Manufacturing Co, a month after claiming responsibility for a ransomware attack against a plant in Mexico owned by Taiwan’s Hon Hai Precision Industry Co.
The unique law enforcement operation was the result of a years-long investigation by international police agencies and was designed to undermine the group’s credibility in the criminal underground, officials said.
“LockBit’s affiliates should be very concerned right now, especially as law enforcement continues to make decryptors available to victims,” Mandiant Consulting chief technology officer Charles Carmakal said.
The US has charged two Russian nationals with deploying LockBit ransomware against companies and groups around the world. Police in Poland and Ukraine made two arrests.
Before it was seized by police, LockBit would often publish caches of stolen data from victimized companies that did not pay — such as personal private information of customers, medical records, internal billing data and the communications of internal staff, among other things.
The leaks were intended to harm the reputation of victims and put them in legal jeopardy, netting LockBit more than US$120 million in ransom payments, experts said.
NCA Director-General Graeme Biggar on Tuesday told reporters that the true cost, including money spent by organizations and corporations scrambling to regain access to their networks and the effect on business, could have amounted to losses totaling Additional reporting by staff writer
‘DISCRIMINATION’: The US Office of Personnel Management ordered that public DEI-focused Web pages be taken down, while training and contracts were canceled US President Donald Trump’s administration on Tuesday moved to end affirmative action in federal contracting and directed that all federal diversity, equity and inclusion (DEI) staff be put on paid leave and eventually be laid off. The moves follow an executive order Trump signed on his first day ordering a sweeping dismantling of the federal government’s diversity and inclusion programs. Trump has called the programs “discrimination” and called to restore “merit-based” hiring. The executive order on affirmative action revokes an order issued by former US president Lyndon Johnson, and curtails DEI programs by federal contractors and grant recipients. It is using one of the
One of Japan’s biggest pop stars and best-known TV hosts, Masahiro Nakai, yesterday announced his retirement over sexual misconduct allegations, reports said, in the latest scandal to rock Japan’s entertainment industry. Nakai’s announcement came after now-defunct boy band empire Johnny & Associates admitted in 2023 that its late founder, Johnny Kitagawa, for decades sexually assaulted teenage boys and young men. Nakai was a member of the now-disbanded SMAP — part of Johnny & Associates’s lucrative stable — that swept the charts in Japan and across Asia during the band’s nearly 30 years of fame. Reports emerged last month that Nakai, 52, who since
EYEING A SOLUTION: In unusually critical remarks about Russian President Vladimir Putin, US President Donald Trump said he was ‘destroying Russia by not making a deal’ US President Donald Trump on Wednesday stepped up the pressure on Russian President Vladimir Putin to make a peace deal with Ukraine, threatening tougher economic measures if Moscow does not agree to end the war. Trump’s warning in a social media post came as the Republican seeks a quick solution to a grinding conflict that he had promised to end before even starting his second term. “If we don’t make a ‘deal,’ and soon, I have no other choice but to put high levels of Taxes, Tariffs, and Sanctions on anything being sold by Russia to the United States, and various other
In Earth’s upper atmosphere, a fast-moving band of air called the jet stream blows with winds of more than 442kph, but they are not the strongest in our solar system. The comparable high-altitude winds on Neptune reach about 2,000kph. However, those are a mere breeze compared with the jet stream on a planet called WASP-127b. Astronomers have detected winds howling at about 33,000kph on the large gaseous planet in our Milky Way galaxy approximately 520 light-years from Earth in a tight orbit around a star similar to our sun. The supersonic jet-stream winds circling WASP-127b at its equator are the fastest of their kind
RSS