Summary
Law enforcement authorities have intensified their crackdown on the LockBit ransomware gang, resulting in the arrest of four suspects linked to the group and the imposition of sanctions on several individuals associated with its activities. This coordinated effort involved police from 12 countries and follows significant operational actions aimed at disrupting LockBit’s infrastructure and financial operations.
The recent arrests occurred as part of Operation Cronos, spearheaded by the UK’s National Crime Agency (NCA). Among those arrested were a suspected developer of LockBit ransomware, an administrator of a bulletproof hosting service, and two individuals connected to LockBit operations. In addition to these arrests, international authorities have imposed sanctions on multiple Russian nationals believed to be involved with Evil Corp, a cybercriminal organization closely tied to LockBit. The U.S. Department of Justice and the NCA estimate that LockBit has extorted up to $1 billion from victims through thousands of attacks since its emergence in 2019. This crackdown follows earlier significant disruptions of LockBit’s operations, including the seizure of servers and decryption keys, which have enabled law enforcement to create tools to help victims recover from ransomware attacks.
Recent Arrests and Operations
- Arrests: Four suspects were arrested in a joint action involving law enforcement from 12 countries, including a developer and a bulletproof hosting service administrator.
- Operation Cronos: This ongoing task force has targeted LockBit infrastructure since April 2022, leading to the seizure of servers and the arrest of key individuals.
Sanctions Imposed
- International Sanctions: The UK, United States, and Australia have sanctioned multiple individuals linked to Evil Corp and LockBit, highlighting the group’s extensive criminal network and its connections to Russian intelligence.
- Impact of Sanctions: These sanctions aim to disrupt the financial operations of the ransomware gang and deter further criminal activities.
Background on LockBit
LockBit ransomware emerged in September 2019 and has been responsible for high-profile attacks against various organizations, including major corporations and government entities. The group operates on a ransomware-as-a-service model, enabling affiliates to conduct attacks while sharing profits with the developers. The recent arrests and sanctions reflect a concerted global effort to dismantle this network and protect potential victims from future cyber threats.
Police arrest four suspects linked to LockBit ransomware gang
Oct. 1 / Bleepingcomputer / Focuses on recent arrests and operational successes against LockBit, detailing the international collaboration in law enforcement. While informative, it lacks the deeper context and connections provided by other sources. “ Law enforcement authorities from 12 countries arrested four suspects linked to the LockBit ransomware gang, including a developer, a bulletproof hosting...
Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence
Oct. 1 / Wired / Highlights the intricate ties between Evil Corp and Russian intelligence, providing a compelling narrative on cybercrime's evolution. Its depth and authoritative insights from the NCA make it particularly noteworthy. “ International law enforcement has worked for years to disrupt the cybercriminal gang Evil Corp and its egregious global crime spree. But in a crowded field...