The busted ransomware gang leader returns with a promise of vengeance

Days after it was knocked offline by a sweeping, years-in-the-making law enforcement operation, the infamous Russia-based LockBit ransomware group has returned to the dark web with a new leak site complete with a number of new victims.

In a verbose, borderline-rambling statement published Saturday, the remaining LockBit administrator blamed its own negligence for last week's disruption. A global law enforcement effort launched an operation that hijacked the ransomware gang's infrastructure by exploiting a vulnerability in LockBit's public-facing websites, including the dark web leak site that the gang used to publish stolen data from victims.

“Operation Cronos,” as the feds dubbed it, also saw the takedown of 34 servers across Europe, the U.K., and the U.S., the seizure of more than 200 cryptocurrency wallets, and the arrests of two alleged LockBit members in Poland and Ukraine.

Just five days on, LockBit announced that its operations had resumed, claiming to have restored from backups unaffected by the government takedown. In its statement, LockBit's administrator threatened to retaliate by saying it would target the government sector.

A spokesperson for the National Crime Agency, which led Operation Cronos, told TechCrunch on Monday following LockBit's return that its takedown operation “successfully infiltrated and took control of LockBit's systems, and was able to compromise their entire criminal operation.”

“Their systems have now been destroyed by the NCA, and it is our assessment that LockBit remains completely compromised,” the NCA said.

Law enforcement claiming overwhelming victory while the apparent LockBit ringleader remains at large, threatening revenge, and targeting new victims puts the two at odds, for now. With more than a dozen new victims claimed since its brazen relaunch, LockBit's demise might have been overstated.

As the cat-and-mouse game between the feds and the criminals rolls on, so does the fighting talk, and the bold claims from both sides.

While the NCA promised a big reveal of the gang's long-standing leader, who goes by the name of “LockBitSupp,” the agency revealed little about the administrator in a message posted to LockBit's own compromised dark web leak site on Friday.

“We know who he is. We know where he lives. We know how much he is worth. LockBitSupp has engaged with Law Enforcement :),” the vaguely worded NCA message read.

U.S. law enforcement agencies have also offered a multimillion-dollar reward for details “leading to the identification or location of any individual(s) who hold a key leadership position” in the LockBit gang, suggesting the authorities either don't have that information or cannot yet prove it.

With the apparent administrator LockBitSupp still in action, the last remaining piece of the LockBit puzzle, it's unlikely LockBit is going away. Ransomware gangs are known to quickly regroup and rebrand even after law enforcement disruption claims to have taken them down for good.

Take another Russia-based ransomware gang: ALPHV, also known as BlackCat, last year was dealt a similar blow when law enforcement agencies seized its dark web leak site and released decryption keys so victims could regain access to their files. Just twenty-four hours later, ALPHV announced it had “unseized” its leak site and claimed the FBI only had decryption keys for 400 or so companies, leaving more than 3,000 victims whose data remains encrypted.

At the time of writing, ALPHV's leak site remains up and running, and continues to add new victims almost daily.

Other ransomware gangs, such as Hive and Conti, have faced similar law enforcement action in recent years but are said to have simply rebranded and re-formed under different names. Members of Conti are said to be operating under the new Black Basta, BlackByte, and Karakurt groups, while former Hive members rebranded as a new ransomware operation dubbed Hunters International.

The LockBit takedown, while hailed by many as one of the most significant in recent years, is unlikely to be much different, and the signs are already there.

In its long-winded post, LockBit claimed that law enforcement only obtained a handful of decryptors, arrested the wrong people, and failed to take down all of the websites under its control. LockBit also vowed that in light of the operation, it would upgrade the security of its infrastructure, manually release decryptors, and continue its affiliate program.

“No FBI with their assistants can scare me and stop me, the stability of the service is guaranteed by years of uninterrupted work,” LockBit's rant continued. “They need to scare me because they cannot find and eliminate me, I cannot be stopped.”

The NCA told TechCrunch that the agency “recognized LockBit would likely attempt to regroup and rebuild their systems” but acknowledged that the agency's work continues to disrupt the group.

“We have gathered a huge amount of intelligence about them and those associated with them, and our work to target and disrupt them continues,” said NCA spokesperson Richard Crowe.

Law enforcement's acknowledgment that it's still working to disrupt the gang tells us all we need to know: LockBit isn't dead yet, and it likely never was.