
LockBit Victim? Ask FBI for Your Ransomware Key

Assistant director of the FBI’s Cyber Division Bryan Vorndran might have the key to unscramble your files.

The FBI has grabbed around 7,000 keys that decrypt the files of LockBit victims. The bureau isn’t saying how, but we think the cache came from the UK’s National Crime Agency, which captured the ransomware gang’s data.

But you do need to ask the feds for it. In today’s SB Blogwatch, we wonder if there’s a catch here.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Too many hotdogs.

Spy Warez

What’s the craic? Sergiu Gatlan reports: FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out

$1 billion in ransoms
FBI Cyber Division Assistant Director Bryan Vorndran announced, … “We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center.” … This call to action comes after law enforcement took down LockBit’s infrastructure … in an international operation dubbed “Operation Cronos.”

After analyzing the seized data, the UK’s National Crime Agency and the U.S. Justice Department estimate the gang and its affiliates have raked in up to $1 billion in ransoms following 7,000 attacks. … The U.S. State Department now offers $10 million for any information that would lead to LockBit leadership arrest or conviction and an extra $5 million reward for tips leading to the arrest of LockBit ransomware affiliates.

Is this useful? Maybe. Evan Schuman explains how: FBI offers to share 7,000 LockBit ransomware decryption keys with CISOs

Russian-speaking countries
The FBI … is encouraging corporate victims to come forward to see if the keys can unlock any of their data. … It is unknown how many of the keys are functional. But there is an excellent chance that many of the obtained keys are still effective and could unlock data from enterprise victims who chose to not pay the ransom or were given keys that … didn’t work.

Vorndran, in his speech, said that the FBI is still seeing ransomware groups in the same countries where they have historically been based: “Almost all of the criminals developing sophisticated malware to enable ransomware attacks are based in Russian-speaking countries and operate as organized crime syndicates.”

Horse’s mouth? Bryan Vorndran and his crack team of scriptwriters: Remarks at the 2024 Boston Conference on Cyber Security

He is a criminal
Given FBI’s history, it should not be surprising that one of our core focuses is … to disrupt cybercriminals and raise their cost to operate. … It’s an all-tools/all-partners approach.

LockBit was set up by a Russian coder named Dimitri Khoroshev … using online aliases like “Putinkrab,” “Nerowolfe,” and “LockBitsupp.” … He is a criminal: … LockBit scams run the way local thugs used to demand “protection money” from storefront businesses. … We will not go easy on him.

Did someone say “Russian-speaking”? This Anonymous Coward jumps to conclusions:

Russia seems happy to be seen as a criminal state. It’s a pity but Russia seems to be criminal from the lowest crooks stealing from the west to the Kremlin stealing from the country. Criminality seems to be an honoured national trait rather than one to be avoided.

OK, but how do we fix the underlying problem? Applehu Akbar suggests two related ideas:

The only way to get back at ransomware hackers will be to destroy the cryptocurrency market. As soon as quantum supercomputers get powerful enough to break the hashing algorithms and create enough fake coins of each type to induce cryptocurrency inflation, the party’s over.

While we wait for this to happen, can we use AI to crawl the blockchains to nail illegal users?

Why didn’t the FBI simply publish the keys? Here’s nonrandomstring:

This is not the first time the FBI cracked a ransomware operation. … The real story is they got the keys.

In the past they’ve just published them [but] this is how you do law enforcement: Win hearts and minds with practical redress. Otherwise you’re just cutting heads of a hydra.

Or, alternatively, see Wickwick’s viewpoint:

Of course the FBI would like more victims to come forward and identify themselves. That’s a very visible way for the FBI to insert themselves into this relationship.

Or, the FBI could have simply released the decryption keys to the public and white-hats would have written scripts to see if one of them could unlock data in a totally private manner.

Meanwhile, u/Fallingdamage imagines the scene:

“Hmm, I see that you need a key to unlock your data, but you didn’t report this breach to the FBI as the law required. Here’s a big fine. We’ll talk about that key later.”

And Finally:

A quality lesson by Professor Calman Cleasadair


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.
