
Ransomware Gang Lockbit Reportedly Hacked in Embarrassing Leak

In an ironic twist, Lockbit, one of the world’s most notorious ransomware gangs, appears to have fallen victim to a cyberattack of its own, according to security analysts and a rogue message posted on one of the group’s darkweb sites.

On Wednesday, Lockbit’s site was replaced with a taunting message that read:

Don’t do crime. CRIME IS BAD xoxo from Prague

The site also included a link to what appears to be a leaked cache of internal data, potentially containing chats between Lockbit members and their victims.

While Reuters has not independently verified the data, multiple cybersecurity experts have assessed the leak and confirmed its authenticity.

“It’s legit,” said Jon DiMaggio, chief security strategist at Analyst1.

Christiaan Beek of Rapid7 noted the leak revealed Lockbit’s indiscriminate targeting — even aggressively pursuing small businesses for minor ransom payouts.

“They attack everyone,” he added.

Who hacked Lockbit remains unclear, and some of the group’s associated darkweb infrastructure is currently down, with placeholder messages stating sites will be “working soon.” However, the damage may already be done.

This is not the first time Lockbit has faced disruption. In 2023, U.K. and U.S. authorities, alongside international partners, seized parts of the gang’s infrastructure. At the time, Lockbit quickly resurfaced and defiantly declared,

“I cannot be stopped.”

But this latest incident appears more personal — and humiliating.

DiMaggio described the breach as a significant blow to the gang’s operations and credibility:

“I think it will hurt them and slow them down.”

Lockbit, once dubbed “the Walmart of ransomware” due to its prolific activity and reach, now faces a potentially destabilizing turn of events — and an unexpected reminder that even cybercriminals aren’t immune to being hacked.

US, UK, and Australia Target Russia-Based Zservers Over Lockbit Ransomware Attacks

The United States, joined by the United Kingdom and Australia, has taken coordinated action against Zservers, a Russia-based service provider linked to supporting the notorious Lockbit ransomware attacks. The U.S. Department of Treasury announced the sanctions on Tuesday, highlighting national security concerns related to ransomware operations.

Designations and Actions:

The U.S. Treasury’s Office of Foreign Assets Control (OFAC) added two Russian nationals to its sanctions list, accusing them of being key administrators for Zservers, a company that provides bulletproof hosting services (BPH) commonly used by cybercriminals. These services enable cyber actors, including ransomware groups, to carry out attacks on critical infrastructure both in the U.S. and internationally.

Bradley Smith, acting Under Secretary of the Treasury for Terrorism and Financial Intelligence, emphasized that third-party providers like Zservers play a crucial role in facilitating the operations of cybercriminals, including those behind Lockbit attacks.

Broader Context:

This move is part of a broader effort to combat cybercrime, following similar actions last year that saw joint sanctions from the U.S., UK, and Australia against the Evil Corp ransomware group. The sanctions are aimed at disrupting the infrastructure that supports cybercriminal activities globally.

US and UK law enforcement agencies identify and press charges against the Russian leader of the LockBit ransomware gang

The leader behind one of the most notorious ransomware groups, LockBit, has been unmasked. Dmitry Yuryevich Khoroshev, a 31-year-old Russian national, has been identified as the individual operating under the alias LockBitSupp, responsible for the development and administration of the LockBit ransomware. This revelation comes as a result of a joint effort by law enforcement, spearheaded by the U.K.’s National Crime Agency and backed by the U.S. Department of Justice.