The U.K. National Crime Agency's Cyber Division, the FBI and international partners have cut off ransomware threat actors' access to LockBit's website, which has been used as a large ransomware-as-a-service storefront.
According to CISA, LockBit was the most common type of ransomware deployed globally in 2023.
LockBit ransomware could be deployed through compromised website links, phishing, credential theft or other methods.
LockBit targeted more than 2,000 victims since its first appearance in January 2020, for more than $120 million total in ransomware payments.
The gang ran ransomware-as-a-service websites like a legitimate business, offering a data leak blog, a bug bounty program to find vulnerabilities in the ransomware, and regular updates.
SEE: IBM and ISC2 are offering a joint cybersecurity certification course for beginners.
LockBit ransomware has been deployed against organizations across various industries, in particular manufacturing, semiconductor fabrication and healthcare.
Attackers using LockBit have turned the ransomware on municipal targets, including the U.K.'s Royal Mail.
Must-read security coverage LockBit website shut down.
On Feb. 20, the U.S. Department of Justice announced that an international law enforcement action shut down numerous websites the LockBit gang used to launch ransomware attacks.
Law enforcement groups from the U.S., U.K., France, Germany, Switzerland, Japan, Australia, Sweden, Canada, the Netherlands, Finland and the European Union contributed to the seizure of the LockBit sites.
The U.K. National Crime Agency and international partners created decryption capabilities that can unlock data held for ransom by LockBit.
Organizations targeted by LockBit can submit a form to the FBI to see if the decryption technology might work for them.
Threat actors' responses to LockBit's takedown.
In the wake of the LockBit takedown, a team from cyber threat intelligence company Searchlight Cyber monitored Dark Web communication and found that some threat actors were unsure whether the LockBit site would be down forever.
This Cyber News was published on www.techrepublic.com. Publication date: Tue, 20 Feb 2024 20:13:04 +0000