International investigators break up ransomware hacker group
Published: Tuesday, Feb 20th 2024, 09:30
Back to Live Feed
International investigators say they have broken up a hacker gang that allegedly extorted ransoms by stealing sensitive data.
A spokesperson for the National Crime Agency (NCA) confirmed to Sky News that the operation was ongoing. "More information" was announced for 12.30pm (CET). The Lockbit group's website stated: "This website is now under the control of the UK National Crime Agency, working closely with the FBI and the international law enforcement task force Operation Cronos." The British TV channel Sky News reported that a Lockbit representative had said via an encrypted messaging app that the group had backup servers that were not affected by the prosecution.
The international operation was a joint operation with Europol and law enforcement agencies from Switzerland, Germany, France, Japan, Canada, Australia, Sweden, the Netherlands and Finland.
Last year, the British cyber security authority NCSC, together with partners, warned that Lockbit posed a "persistent threat". The software was the "most commonly used ransomware variant in the world" in 2022 and has "remained productive to date" in 2023, the BBC quoted the authority as saying.
Lockbit is said to have been involved in high-profile hacker attacks, including one on the postal service provider Royal Mail in the UK in early 2023. In the USA, the group is accused of attacks on more than 1,700 organizations from several industries.
According to media reports, Lockbit was discovered in 2020. At the time, the software appeared in Russian-language forums, which is why some analysts assume that the group originates from Russia. On its website on the darknet, which is now controlled by the authorities, the group stated that it was based in the Netherlands and emphasized that it was apolitical and only interested in money.
©Keystone/SDA
English 
German 
French 
Spanish 
Arabic