(844) 627-8267
(844) 627-8267

Victims of LockBit ransomware urged to contact FBI for decryption assistance | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

The U.S. Federal Bureau of Investigation is encouraging victims of the notorious LockBit ransomware gang to contact them after they were able to obtain over 7,000 decryption keys that can help victims reclaim their data.

The news came via a speech given by Bryan Vorndran, the assistant director of the FBI’s Cyber Division, at the 2024 Boston Conference on Cyber Security. “From our ongoing disruption of LockBit, we now have over 7,000 decryption keys and can help victims reclaim their data and get back online,” Vorndran said at the conference. “We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov.”

The news comes nearly three months after LockBit was supposedly taken down in an international law enforcement operation, although the group was back online less than a week later. The over 7,000 keys cited today are significantly more than the 1,000 claimed to have been seized in the raids back in February.

The raids in February led to authorities in the U.K., U.S. and Australia revealing new sanctions against LockBit in May and naming a Russian man believed to be the group’s administrator and lead developer.

Russian national Dmitry Khoroshev, known online as LockBitSupp, is claimed to have thrived on anonymity and had previously offered a $10 million reward to anyone who could reveal his identity. As a result of his being identified, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development Office, the U.S. Department of the Treasury’s Office of Foreign Assets Control and the Australian Department of Foreign Affairs.

Discussing the FBI’s decryption key offer, Erich Kron, security awareness advocate at security awareness training company KnowBe4 Inc., told SiliconANGLE that this is “an example of why it is important to hold on to data that was encrypted by ransomware.”

“More than once the infrastructure has been disrupted and decryption keys have been made available,” Kron explains. “Even organizations that restore from backups often find themselves missing some of the data, and instances like this where decryption keys are being provided can help them recover this information.”

“It is certainly nice when data can be recovered, however this will not help organizations that have had their data exposed publicly when they refused to pay a ransom,” Kron added. “Unfortunately, the encryption piece is just one piece of the puzzle.”

Image: LockBit

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy



Click Here For The Original Source.


National Cyber Security