LONDON (AP) – Law-enforcement agencies have infiltrated and disrupted Lockbit, a prolific ransomware syndicate behind cyberattacks around the world, Britain’s National Crime Agency said yesterday.
The agency said it led an international operation targeting LockBit, which provides ransomware as a service to so-called affiliates who infect victim networks with the computer-crippling malware and negotiate ransoms. The group has been linked to thousands of attacks since 2019.
Hours before the announcement, the front page of LockBit’s site was replaced with the words “this site is now under control of law enforcement”, alongside the flags of the United Kingdom (UK), the United States (US) and several other nations.
The message said the website was under the control of the UK’s National Crime Agency “working in close cooperation with the FBI and the international law enforcement task force, Operation Cronos”.
It says it is an “ongoing and developing operation” that also involves agencies from Germany, France, Japan, Australia, New Zealand and Canada, among others, including Europol.
LockBit, which has been operating since 2019, has been the most prolific ransomware syndicate two years running. The group accounted for 23 per cent of the nearly 4,000 attacks globally last year in which ransomware gangs posted data stolen from victims to extort payment, according to the cybersecurity firm Palo Alto Networks.
