LockBit's Leak Site Reemerges, a Week After 'Complete Compromise'
Is LockBit dead? Law enforcement and the group itself seem to be telling conflicting stories.
The LockBit ransomware-as-a-service (RaaS) operation has re-launched its leak site, just one week after a coordinated takedown operation from global law enforcement.
On Feb. 19, the "Operation Cronos Taskforce" -- which includes the FBI, Europol, and the UK's National Crime Agency (NCA), among other agencies -- carried out a massive action. According to Britain's National Crime Agency (NCA), the taskforce took down infrastructure spread across three countries, including dozens of servers. It seized code and other valuable intelligence, troves of data stolen from its victims, and more than 1,000 associated decryption keys. It vandalized the group's leak site, and its affiliate portal, froze more than 200 cryptocurrency accounts, arrested a Polish and a Ukrainian national, and indicted two Russian nationals.
A spokesperson for the NCA summed it up on Feb. 26, telling Reuters that the group "remains completely compromised."
The person added, however, that "our work to target and disrupt them continues."
About the Author
You May Also Like