One of the world’s biggest criminal hacking gangs on Tuesday woke up to a startling discovery: Law enforcement, after taking over their main Web site on Monday, were now threatening to reveal their personal details and data about their cybercrime organization.
The group, LockBit, had become notorious in cybercrime circles for using malicious software called ransomware to digitally extort victims, relying on underground marketing campaigns to boost its profile.
At one point, LockBit had promised US$1,000 to anyone who tattooed their logo on themselves, cybersecurity researchers said.
Photo: Handout via Reuters
The group’s ringleader, known by the online moniker “LockBitSupp,” had also become so confident in their own anonymity that they had promised US$10 million to the first person who could find and unmask them, the British National Crime Agency (NCA) said.
The international law enforcement operation, which had posted on the extortion Web site on Monday that it had taken control, on Tuesday said it had re-engineered LockBit’s core online system — mimicking the countdown clock that LockBit used in extortion attempts and posing its own US$10 million challenge, a review of LockBit’s “dark Web” site showed.
The core online system was re-engineered to target the hackers in the same way they had terrorized victims: with an advent calendar-like series of tiles, each marked with a countdown timer that, upon reaching zero, published stolen data.
Across the Web site’s front page, where victim names once stood, law enforcement agencies replaced the text and links with internal data obtained by hacking the hackers themselves.
The resulting display was a smorgasbord of law enforcement action against LockBit, which included indictments, sanctions, a tool with which victims can decrypt their data, and a new countdown with two days left on the clock which asked: “Who is LockBitSupp? The $10 million question.”
Before it was taken down, LockBit’s Web site had displayed an ever-growing gallery of victim organizations that was updated nearly daily. Next to the names were digital clocks showing the number of days left to the deadline given to each organization to provide ransom payment.
In June last year, technology news Web site TechCrunch said that LockBit had targeted Taiwan Semiconductor Manufacturing Co, a month after claiming responsibility for a ransomware attack against a plant in Mexico owned by Taiwan’s Hon Hai Precision Industry Co.
The unique law enforcement operation was the result of a years-long investigation by international police agencies and was designed to undermine the group’s credibility in the criminal underground, officials said.
“LockBit’s affiliates should be very concerned right now, especially as law enforcement continues to make decryptors available to victims,” Mandiant Consulting chief technology officer Charles Carmakal said.
The US has charged two Russian nationals with deploying LockBit ransomware against companies and groups around the world. Police in Poland and Ukraine made two arrests.
Before it was seized by police, LockBit would often publish caches of stolen data from victimized companies that did not pay — such as personal private information of customers, medical records, internal billing data and the communications of internal staff, among other things.
The leaks were intended to harm the reputation of victims and put them in legal jeopardy, netting LockBit more than US$120 million in ransom payments, experts said.
NCA Director-General Graeme Biggar on Tuesday told reporters that the true cost, including money spent by organizations and corporations scrambling to regain access to their networks and the effect on business, could have amounted to losses totaling Additional reporting by staff writer
BACKLASH: The National Party quit its decades-long partnership with the Liberal Party after their election loss to center-left Labor, which won a historic third term Australia’s National Party has split from its conservative coalition partner of more than 60 years, the Liberal Party, citing policy differences over renewable energy and after a resounding loss at a national election this month. “Its time to have a break,” Nationals leader David Littleproud told reporters yesterday. The split shows the pressure on Australia’s conservative parties after Prime Minister Anthony Albanese’s center-left Labor party won a historic second term in the May 3 election, powered by a voter backlash against US President Donald Trump’s policies. Under the long-standing partnership in state and federal politics, the Liberal and National coalition had shared power
CONTROVERSY: During the performance of Israel’s entrant Yuval Raphael’s song ‘New Day Will Rise,’ loud whistles were heard and two people tried to get on stage Austria’s JJ yesterday won the Eurovision Song Contest, with his operatic song Wasted Love triumphing at the world’s biggest live music television event. After votes from national juries around Europe and viewers from across the continent and beyond, JJ gave Austria its first victory since bearded drag performer Conchita Wurst’s 2014 triumph. After the nail-biting drama as the votes were revealed running into yesterday morning, Austria finished with 436 points, ahead of Israel — whose participation drew protests — on 357 and Estonia on 356. “Thank you to you, Europe, for making my dreams come true,” 24-year-old countertenor JJ, whose
A documentary whose main subject, 25-year-old photojournalist Fatima Hassouna, was killed in an Israeli airstrike in Gaza weeks before it premiered at Cannes stunned viewers into silence at the festival on Thursday. As the cinema lights came back on, filmmaker Sepideh Farsi held up an image of the young Palestinian woman killed with younger siblings on April 16, and encouraged the audience to stand up and clap to pay tribute. “To kill a child, to kill a photographer is unacceptable,” Farsi said. “There are still children to save. It must be done fast,” the exiled Iranian filmmaker added. With Israel
Africa has established the continent’s first space agency to boost Earth observation and data sharing at a time when a more hostile global context is limiting the availability of climate and weather information. The African Space Agency opened its doors last month under the umbrella of the African Union and is headquartered in Cairo. The new organization, which is still being set up and hiring people in key positions, is to coordinate existing national space programs. It aims to improve the continent’s space infrastructure by launching satellites, setting up weather stations and making sure data can be shared across
RSS