Did Law Enforcement Just Troll World’s Biggest Ransomware Gang? | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

An international law enforcement operation, led by the U.K. National Crime Agency, has infiltrated LockBit, which is believed to be the most prolific of all ransomware gangs. The operation, called Operation Cronos, was a joint venture between the FBI, Europol, and the NCA, and it was successful in taking control of LockBit’s infrastructure and data. However, the NCA took it one fabulous step further and trolled LockBit by replacing the original ransomware gang’s online information with details of member arrests, and even offering a $10 million reward for the group’s leader.

MORE FROM FORBESBig Game Hackers Smash $1 Billion Ransomware Barrier

Law Enforcement Agency Trolls LockBit Ransomware Gang

A video of the trolling was published on X (formerly Twitter) on Tuesday morning. “After infiltrating the group’s network,” an NCA spokesperson tweeted, “the NCA has taken control of the infrastructure that allows the LockBit service to operate, compromising their entire criminal enterprise and damaging their credibility.”

A statement published by the U.S. Justice Department says that LockBit members have “executed attacks against more than 2,000 victims in the United States and around the world, making at least hundreds of millions of U.S. dollars in ransom demands and receiving over $120 million in ransom payments.”

Lockbit, a criminal operation thought to be based out of Russia, has been behind some of the most high-profile ransomware attacks, including the likes of Boeing, Microsoft, MGM Resorts and Royal Mail to name but a few.

Grade A Quality Trolling By The NCA, Security Expert Tweets

Referring to the replacement of LockBit information with links to NCA arrest details as well as putting a ransom, oh the irony, on the head of LockBit admin ‘LockbitSupp’ one security expert, Daniel Card of PwnDefend, tweeted that it was “grade A quality trolling” by the NCA.

“The takedown of LockBit’s website will be a massive blow to cybercriminals and although it won’t eradicate the problem, it will disrupt the criminal network potentially saving businesses millions of pounds in targeted activity,” Jake Moore, the global cybersecurity advisor with security vendor ESET, says. “It shows the successes of law enforcement agencies working together in collaboration and how this remains the best way in targeting connected threat actors.”

MORE FROM FORBESRansomware Attack Takes 100 Hospitals Offline

“The symbolic seizure banner displayed on LockBit’s .onion sites is a warning shot to other would-be criminals that they can’t stay safe forever,” Javvad Malik, lead security awareness advocate at cybersecurity training specialist KnowBe4, says. “While the immediate aftermath of this operation marks a decisive blow to LockBit’s operations, the broader narrative it contributes to is one of persistence. Yet, we must consider the resilience of these cybercriminal enterprises; history has shown us time and again their ability to adapt, evolve, and resurface under new guises.”


Click Here For The Original Source.


National Cyber Security