International law enforcement forces arrest two operators of LockBit suspected of attacking Nagoya Port and create tool to recover encrypted files for free
Operation Chronos, a law enforcement unit involving police organizations from 10 countries including Japan, has announced the arrest of two operators of LockBit, a group that made money by distributing ransomware. did.
Office of Public Affairs | US and UK Disrupt LockBit Ransomware Variant | United States Department of Justice
Law enforcement disrupt world's biggest ransomware operation | Europol
https://www.europol.europa.eu/media-press/newsroom/news/law-enforcement-disrupt-worlds-biggest-ransomware-operation
United States Sanctions Affiliates of Russia-Based LockBit Ransomware Group | US Department of the Treasury
https://home.treasury.gov/news/press-releases/jy2114
Police arrest LockBit ransomware members, release decryptor in global crackdown
https://www.bleepingcomputer.com/news/security/police-arrest-lockbit-ransomware-members-release-decryptor-in-global-crackdown/
On February 20, 2024, the U.S. Department of Justice announced that it had indicted Russian suspects Artur Sungatov and Ivan Kondratyev for allegedly operating LockBit, and that both men will stand trial in the United States. did.
In addition, the UK's National Crime Agency (NCA), the US Federal Bureau of Investigation (FBI), and Japan's National Police Agency have collaborated to develop a ``decryption tool'' that may be able to recover files encrypted by ransomware. Also succeeded in developing. The 'No More Ransom' portal, where you can search for compatible ransomware, has been released and is available in 37 countries including Japanese.
Decryption tool | The No More Ransom Project
Lockbit is a group that first appeared at the end of 2019 and was implementing 'Ransomware as a Service', which creates and distributes ransomware. The existence of LockBit attacks has been confirmed around the world, and in 2022 it was found to be the most deployed ransomware around the world, including variants.
According to the indictment, Sungatov, who was arrested this time, is said to have been involved in ransomware deployment activities since at least the beginning of January 2021, provided funding, and deployed ransomware to companies in various locations. I am. Kondratyev is the leader of the National Hazard Society, a subgroup of LockBit, and is suspected of being actively involved in LockBit's ransomware attacks.
The crackdown on LockBit led by the NCA was successful, and just before the arrest was announced, each police organization issued an announcement stating that they had captured the LockBit website. According to the Department of Justice, 34 LockBit-related servers in the Netherlands, Germany, Finland, France, Switzerland, Australia, the United States, and the United Kingdom have been removed and more than 14,000 related accounts have been identified.
International law enforcement forces from the US, UK, Japan, etc. seize the site of ``LockBit'', which is believed to be the mastermind behind the Nagoya Port hacking - GIGAZINE
A total of five people have been detained on suspicion of being involved in LockBit, including suspects who were already arrested in previous investigations. 'Today, the FBI and its partners successfully disrupted the LockBit ecosystem, the most prevalent ransomware in the world,' said FBI Director Christopher Wray. We will continue to work with our allies to identify and stop threats and hold perpetrators accountable.'
Related Posts:
in Security, Posted by log1p_kr