LockBit Takes Credit for City of Wichita Ransomware Attack

The notorious LockBit cybercrime group has taken credit for the recent ransomware attack that forced the City of Wichita, Kansas, to shut down many of its systems.
The city disclosed the incident on May 6, one day after the intrusion was discovered.
Wichita said the hackers had deployed file-encrypting malware on some of its systems.
The incident appears to have impacted water utility, municipal court, cultural, and public transportation payments.
The city also announced that public Wi-Fi was not working at the airport, and arrival and departure screens stopped working due to the hack.
It's unclear when these systems would become operational again.
Wichita is apparently still investigating whether any information was stolen during the cyberattack.
The city was added to the LockBit website on May 7, with the cybercriminals threatening to leak files stolen from its systems in seven days, unless a ransom is paid.
The news comes shortly after authorities announced the unmasking of LockBitSupp, the mastermind behind the LockBit ransomware operation.
Dimitry Yuryevich Khoroshev, 31, of Voronezh, Russia, has been charged by the US, where he faces up to 185 years in prison.
He has also been sanctioned by the US, UK and Australia.
The US is offering up to $10 million for information leading to his arrest.
The LockBit operation was severely disrupted in February by an international law enforcement operation.
Just before authorities named Khoroshev as LockBitSupp, threat intelligence firm Cyberint reported that over 50 companies had been added to the new leak site set up by LockBit operators following the takedown.
Major ransomware groups announcing a significant campaign before permanently shutting down an operation and re-launching under a new name is not unheard of.


This Cyber News was published on www.securityweek.com. Publication date: Thu, 09 May 2024 14:43:06 +0000


Cyber News related to LockBit Takes Credit for City of Wichita Ransomware Attack

U.S. Joins U.K. to Seize LockBit Site, Disrupt Massive Ransomware Variant - The U.S. Department of Justice has partnered with the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group. The LockBit ransomware group is one of the most active ...
10 months ago Americansecuritytoday.com
Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit - For all its vaunted success, the LockBit ransomware operation appears to have already been beset by problems when an international law enforcement effort led by the UK's National Crime Agency shut it down this week. Though it's likely that the dozens ...
10 months ago Darkreading.com
LockBit Takes Credit for City of Wichita Ransomware Attack - The notorious LockBit cybercrime group has taken credit for the recent ransomware attack that forced the City of Wichita, Kansas, to shut down many of its systems. The city disclosed the incident on May 6, one day after the intrusion was discovered. ...
7 months ago Securityweek.com
LockBit Takes Credit for City of Wichita Ransomware Attack - The notorious LockBit cybercrime group has taken credit for the recent ransomware attack that forced the City of Wichita, Kansas, to shut down many of its systems. The city disclosed the incident on May 6, one day after the intrusion was discovered. ...
7 months ago Packetstormsecurity.com
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ...
10 months ago Krebsonsecurity.com
Law enforcement data stolen in Wichita ransomware attack - The city of Wichita warned its residents on Tuesday that the gang behind a recent ransomware attack likely stole sensitive law enforcement information. In a data breach notice about the incident, which is still affecting numerous city services, the ...
7 months ago Therecord.media
LockBit Ransomware Targets German Energy Agency Dena - Dena, the reputed German Energy Agency, is said to have fallen victim to the notorious LockBit ransomware group. The Dena cyberattack was revealed through a post on the threat actor's dark web platform, where they disclose data breach incidents and ...
1 year ago Heimdalsecurity.com
Police arrest four suspects linked to LockBit ransomware gang - Previous arrests of Lockbit ransomware actors (some of them already charged for various offenses) include Mikhail Pavlovich Matveev (aka Wazawaka) in May 2023, Artur Sungatov and Ivan Gennadievich Kondratiev (aka Bassterlord) in February 2024, and ...
2 months ago Bleepingcomputer.com
Ransomware attack on Patelco Credit Union causes confusion ahead of holiday weekend - One of the largest credit unions on the West Coast continues to struggle with its operations following a ransomware attack that began on Saturday. Patelco Credit Union - one of the nation's oldest credit unions with more than $9 billion in assets - ...
5 months ago Therecord.media
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
7 months ago Bleepingcomputer.com
LockBit Ransomware Gang's Website Shut Down - The U.K. National Crime Agency's Cyber Division, the FBI and international partners have cut off ransomware threat actors' access to LockBit's website, which has been used as a large ransomware-as-a-service storefront. According to CISA, LockBit was ...
10 months ago Techrepublic.com
LockBit attacks continue via ConnectWise ScreenConnect flaws - Exploitation of two critical ConnectWise vulnerabilities continues to mount, with many attacks attributed to ransomware gangs such as LockBit. Last month, ConnectWise disclosed an authentication bypass vulnerability, tracked as CVE-2024-1708, that ...
9 months ago Techtarget.com
Credit union operations restored after tech supplier ransomware attack - The federal agency that oversees credit unions said operations at about 60 of the organizations have been restored following a ransomware attack last month. Ongoing Operations, a cloud services provider owned by credit union technology firm ...
1 year ago Therecord.media
What is Lockbit Ransomware? The Most Essential Things You Need to Know - Lockbit ransomware is one of the latest malware threats to hit the cybersecurity world. It has been seen in several major ransomware attacks, including the attack on the software maker Nuance Communications. Lockbit is a particularly dangerous strain ...
1 year ago Tripwire.com
Law enforcement trolls LockBit, reveals massive takedown - In an act of exquisite trolling, the UK's National Crime Agency has announced further details about its disruption of the LockBit ransomware group by using the group's own dark web website. Since the demise of Conti in 2022, LockBit has been ...
10 months ago Malwarebytes.com
The Week in Ransomware - Attacks on hospitals continued this week, with ransomware operations disrupting patient care as they force organization to respond to cyberattacks. While many, like LockBit, claim to have policies in place to avoid encryping hospitals, we continue to ...
10 months ago Bleepingcomputer.com
LockBit claim about hacking U.S. Federal Reserve fizzles - The LockBit ransomware gang claimed it had breached the U.S. Federal Reserve, but it ultimately leaked data belonging to a single bank. On June 23, LockBit listed the U.S. Federal Reserve on its data leak site and claimed to have obtained roughly 33 ...
5 months ago Techtarget.com
Copycat Criminals mimicking Lockbit gang in northern Europe - Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks started using Lockbit locker variants. During the past months, the Lockbit gang reached very high popularity in the underground ecosystem. The ...
1 year ago Securityaffairs.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
11 months ago Securityboulevard.com
The new ransomware behind Indonesia's data center attack - The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center. Indonesia is building out National Data Centers to securely store ...
5 months ago Bleepingcomputer.com
The new ransomware behind Indonesia's data center attack - The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center. Indonesia is building out National Data Centers to securely store ...
5 months ago Bleepingcomputer.com
LockBit targets hospitals - We did not see much research released on ransomware this week, with most of the news focusing on new attacks and LockBit affiliates increasingly targeting hospitals. These attacks include ones against Yakult Australia and the Ohio Lottery by the new ...
11 months ago Bleepingcomputer.com
The Impact of LockBits New ContiBased Encryptor on Ransomware - The LockBit ransomware gang has recently started using a new encryptor, called LockBit Green, which is based on the source code of the now-defunct Conti ransomware gang. This follows the gang's previous iterations of their encryptor, which began with ...
1 year ago Heimdalsecurity.com
Cops dismantled LockBit before latest variant hit market The Register - Law enforcement's disruption of the LockBit ransomware crew comes as the criminal group was working on bringing a brand-new variant to market, research reveals. As part of the daily LockBit leaks this week, Trend Micro's report on the group, ...
10 months ago Go.theregister.com
LockBit lied: Stolen data is from a bank, not US Federal Reserve - Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the central bank of the United States. The tall claim was followed up with LockBit ...
5 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)