Police arrest four suspects linked to LockBit ransomware gang

Previous arrests of Lockbit ransomware actors (some of them already charged for various offenses) include Mikhail Pavlovich Matveev (aka Wazawaka) in May 2023, Artur Sungatov and Ivan Gennadievich Kondratiev (aka Bassterlord) in February 2024, and Dmitry Yuryevich Khoroshev (aka LockBitSupp and putinkrab) in May 2024. Law enforcement authorities from 12 countries arrested four suspects linked to the LockBit ransomware gang, including a developer, a bulletproof hosting service administrator, and two people connected to LockBit activity. This joint action also led to seizures of LockBit infrastructure servers and involved police officers in Operation Cronos, a task force led by the U.K. National Crime Agency (NCA) behind a global LockBit crackdown and an investigation that began in April 2022. In February 2024, Operation Cronos shut down LockBit's infrastructure and seized 34 servers containing over 2,500 decryption keys that were later used to create a free LockBit 3.0 Black Ransomware decryptor. Today, Australia, the United Kingdom, and the United States also revealed sanctions against an individual the UK NCA believes is a prolific LockBit ransomware affiliate linked to Evil Corp. In July, Russian nationals Ruslan Magomedovich Astamirov and Canadian/Russian national Mikhail Vasiliev also admitted to participating in at least a dozen ransomware attacks as affiliates of the LockBit ransomware-as-a-service operation. LockBit emerged in September 2019 and has since claimed responsibility for and been linked to attacks against many high-profile companies and organizations worldwide, including Bank of America, Boeing, the Continental automotive giant, the Italian Internal Revenue Service, and the UK Royal Mail. According to Europol, a suspected LockBit ransomware developer was arrested in August 2024 at the request of French authorities while on holiday outside of Russia. The same month, the U.K.'s National Crime Agency (NCA) arrested two more individuals linked to LockBit activity: one believed to be associated with a LockBit affiliate, while the second was apprehended on suspicion of money laundering. "These actions follow the massive disruption of LockBit infrastructure in February 2024, as well as the large series of sanctions and operational actions that took place against LockBit administrators in May and subsequent months," Europol said. In a separate action, at Madrid airport, Spain's Guardia Civil arrested the administrator of a bulletproof hosting service used to shield LockBit's infrastructure. Astamirov was arrested in Arizona in June 2023 and charged with deploying LockBit ransomware.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 01 Oct 2024 15:40:20 +0000


Cyber News related to Police arrest four suspects linked to LockBit ransomware gang

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ...
7 months ago Krebsonsecurity.com
Police arrest four suspects linked to LockBit ransomware gang - Previous arrests of Lockbit ransomware actors (some of them already charged for various offenses) include Mikhail Pavlovich Matveev (aka Wazawaka) in May 2023, Artur Sungatov and Ivan Gennadievich Kondratiev (aka Bassterlord) in February 2024, and ...
1 week ago Bleepingcomputer.com
U.S. Joins U.K. to Seize LockBit Site, Disrupt Massive Ransomware Variant - The U.S. Department of Justice has partnered with the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group. The LockBit ransomware group is one of the most active ...
7 months ago Americansecuritytoday.com
Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit - For all its vaunted success, the LockBit ransomware operation appears to have already been beset by problems when an international law enforcement effort led by the UK's National Crime Agency shut it down this week. Though it's likely that the dozens ...
7 months ago Darkreading.com
Police arrested four new individuals linked to the LockBit ransomware operation - “Europol supported a new series of actions against LockBit actors, which involved 12 countries and Eurojust and led to four arrests and seizures of servers critical for LockBit’s infrastructure.” reads the press release published by ...
1 week ago Securityaffairs.com
What is Proposition E and Why Should San Francisco Voters Oppose It? - In addition to removing certain police oversight authority from the Police Commission and expanding the circumstances under which police may conduct high-speed vehicle chases, Proposition E would also amend existing laws passed in 2019 to protect San ...
8 months ago Eff.org
LockBit Ransomware Targets German Energy Agency Dena - Dena, the reputed German Energy Agency, is said to have fallen victim to the notorious LockBit ransomware group. The Dena cyberattack was revealed through a post on the threat actor's dark web platform, where they disclose data breach incidents and ...
9 months ago Heimdalsecurity.com
Law enforcement agencies arrest 4 alleged LockBit members | TechTarget - Authorities arrested four suspected members of the LockBit ransomware gang during the third phase of the international law enforcement effort dubbed Operation Cronos. Operation Cronos' efforts to disrupt the LockBit ransomware gang continue as ...
1 week ago Techtarget.com
LockBit Ransomware Gang's Website Shut Down - The U.K. National Crime Agency's Cyber Division, the FBI and international partners have cut off ransomware threat actors' access to LockBit's website, which has been used as a large ransomware-as-a-service storefront. According to CISA, LockBit was ...
7 months ago Techrepublic.com
San Francisco Police's Live Surveillance Yields Almost 200 Hours of Spying-Including of Music Festivals - A new report reveals that in just three months, from July 1 to September 30, 2023, the San Francisco Police Department racked up 193 hours and 19 minutes of live access to non-city surveillance cameras. That means for the equivalent of 8 days, police ...
8 months ago Eff.org
LockBit attacks continue via ConnectWise ScreenConnect flaws - Exploitation of two critical ConnectWise vulnerabilities continues to mount, with many attacks attributed to ransomware gangs such as LockBit. Last month, ConnectWise disclosed an authentication bypass vulnerability, tracked as CVE-2024-1708, that ...
7 months ago Techtarget.com
Copycat Criminals mimicking Lockbit gang in northern Europe - Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks started using Lockbit locker variants. During the past months, the Lockbit gang reached very high popularity in the underground ecosystem. The ...
1 year ago Securityaffairs.com
Hangzhou's Cybersecurity Breakthrough: How ChatGPT Elevated Ransomware Resolution - The Chinese media reported on Thursday that local police have arrested a criminal gang from Hangzhou who are using ChatGPT for program optimization to carry out ransomware attacks for the purpose of extortion. An organization in the Shangcheng ...
9 months ago Cysecurity.news
LockBit Associates Arrested, Evil Corp Bigwig Outed - "The exposure of Evil Corp's ties to LockBit is a major blow to the ransomware affiliate market," said Ferhat Dikbiyik, head of research at Black Kite, in an emailed statement to Dark Reading. In addition, Aleksandr Ryzhenkov (aka ...
1 week ago Darkreading.com
The Impact of LockBits New ContiBased Encryptor on Ransomware - The LockBit ransomware gang has recently started using a new encryptor, called LockBit Green, which is based on the source code of the now-defunct Conti ransomware gang. This follows the gang's previous iterations of their encryptor, which began with ...
1 year ago Heimdalsecurity.com
LockBit lied: Stolen data is from a bank, not US Federal Reserve - Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the central bank of the United States. The tall claim was followed up with LockBit ...
3 months ago Bleepingcomputer.com
Threatening Emails Rattle Bengal Schools: Police Pursue Latvia Lead - In a statement announced Tuesday, the Kolkata Police said that more than 20 schools across the city have been threatened with bombs, which have been later revealed as hoaxes. According to the sender, bombs had been placed in numerous classrooms ...
6 months ago Cysecurity.news
Ragnar Locker ransomware developer arrested in France - Law enforcement agencies arrested a malware developer linked with the Ragnar Locker ransomware gang and seized the group's dark web sites in a joint international operation. Authorities from France, the Czech Republic, Germany, Italy, Latvia, the ...
10 months ago Bleepingcomputer.com
The new ransomware behind Indonesia's data center attack - The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center. Indonesia is building out National Data Centers to securely store ...
3 months ago Bleepingcomputer.com
The new ransomware behind Indonesia's data center attack - The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center. Indonesia is building out National Data Centers to securely store ...
3 months ago Bleepingcomputer.com
LockBit claim about hacking U.S. Federal Reserve fizzles - The LockBit ransomware gang claimed it had breached the U.S. Federal Reserve, but it ultimately leaked data belonging to a single bank. On June 23, LockBit listed the U.S. Federal Reserve on its data leak site and claimed to have obtained roughly 33 ...
3 months ago Techtarget.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
4 months ago Bleepingcomputer.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
8 months ago Securityboulevard.com
What is Lockbit Ransomware? The Most Essential Things You Need to Know - Lockbit ransomware is one of the latest malware threats to hit the cybersecurity world. It has been seen in several major ransomware attacks, including the attack on the software maker Nuance Communications. Lockbit is a particularly dangerous strain ...
1 year ago Tripwire.com
LockBit targets hospitals - We did not see much research released on ransomware this week, with most of the news focusing on new attacks and LockBit affiliates increasingly targeting hospitals. These attacks include ones against Yakult Australia and the Ohio Lottery by the new ...
9 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)