Trending Now

25/recent/ticker-posts

The Rise and Fall of LockBit: A Cybercrime Saga

 



 

Through ransomware cyberattacks, the LockBit gang has become the world's greatest menace during the past three years. According to the FBI, Lockbit is to blame for at least 1,700 attacks that have affected banking, food services, transportation, and educational institutions in the US alone. Their tactics of cyber-extortion have impacted global organizations, making them a very deadly foe in the realm of cybercrime.

In February 2024, law enforcement agencies carried out Operation Cronos, which successfully disrupted LockBit’s infrastructure. During this operation, the group’s leader, known as LockbitSupp on the dark web, was unmasked. It was discovered that LockbitSupp had made false claims about their location and vehicle ownership. Law enforcement agents are currently in communication with this individual, indicating that they have identified the person behind the LockbitSupp persona. The takedown efforts shed light on the group’s leadership and financial operations, marking a significant development in the fight against cybercrime.


A screenshot taken on February 19, 2024 shows a take down notice that a group of global intelligence agencies issued to a dark web site called Lockbit (Image Source: Handout/via Reuters)



What is Lockbit scam?, 

 

In 2019, Lockbit, a ransomware gang, was first discovered. With a business model based on ransomware-as-a-service (RaaS), the group based in Russia grants authorized hackers access to its ransomware software in return for a share of the ransom money paid. Inside the realm of cyber security, Lockbit is well-known.

In just three years, the group has attacked over 2,000 systems worldwide. They have documentation proving that, even after receiving payment, they never erased the victims' data. They have targeted a wide range of organizations, including commercial and public companies across various industries.

FBI officials claim that the attackers have taken over $120 million from their victims thus far, making this a highly aggressive and well-known fraud. LockBit is well-known for using double extortion, in which the company threatens to expose stolen data in the event that a ransom is not paid.

Since it began to concentrate on the US Finance Ministry, this gang has done the most harm in America. LockBit also made the China Industrial and Commercial Bank (ICBC) their target. India is ranked second in terms of the total number of attacks.

LockBit's dark web blog provides a list of every institution and organization that this gang has targeted. New names are added to this list almost daily. Furthermore, the amount of time each corporation has left to pay the ransom is indicated via a clock displaying their name. LockBit’s sophisticated tactics and widespread attacks have made it a significant threat in the realm of cybercrime.

Operation Cronos indeed collaborated with the cryptocurrency transaction analysis firm Chainalysis to delve into LockBit’s financial activities. Their investigation revealed the following details:

30,000 Bitcoin addresses were associated with LockBit.

Among these, over 500 active addresses received a total of more than $120 million. Remarkably, approximately $114 million of these funds remain unspent.

This financial insight sheds light on the scale and impact of LockBit’s operations in the cybercriminal landscape. The efforts to uncover these details are crucial in combating ransomware attacks and holding cybercriminals accountable.Law enforcement officials from 11 countries have joined forces to disrupt the activities of a major cybercrime group.


How do lockbits function?

 

LockBit, a well-known cybercrime gang, has wreaked havoc with clever tactics, their operations include,

The Business Model and Affiliates: LockBit acts as a one-stop shop for its affiliates. These affiliates pay to do hacking activities using the digital extortion tools that LockBit provides. LockBit provides its affiliates with both the malicious software and assistance.

Ransomware that operates as a service (RaaS): According to LockBit's ransomware-as-a-service business model, unaffiliated affiliates must pay to access their virus version. These affiliates are given support in executing attacks. 'The three main strains of LockBit are LockBit, LockBit Red, and LockBit Black.

Double Extortion: LockBit employs the popular tactic known as double extortion. They encrypt the victim's machine first. They then obtain private information and demand payment to have it posted online.

Wide Range of Targets: Financial services companies are among the many industries that LockBit has targeted.

A cybercrime syndicate that speaks Russian was behind the LockBit ransomware attacks. This infamous group, called LockBit, has attacked numerous organizations throughout the world, including well-known companies like Boeing, the UK Royal Mail, and Taiwanese semiconductor giant TSMC. 

Transportation, education, government agencies, and the food sector Billions of pounds, dollars, and euros have been lost as a result of their attacks, between ransom payments and recovery costs.

Lockbit attacks in india,

LockBit ransomware has indeed targeted several organizations in India. Here are some notable instances:

General: India had the most victims in the Asia-Pacific (APAC) region. LockBit published that they had 22 victims in India in 2023.

Motilal Oswal: LockBit claimed responsibility for hacking one of India’s top brokerage firms, Motilal Oswal.

Granules India: LockBit claimed responsibility for a cyberattack on Indian pharmaceutical giant Granules India.

Fullerton India Credit Ltd. : LockBit 3.0 targeted Fullerton India Credit Ltd., an Indian non-banking financial company (NBFC).

India's National Aerospace Lab: LockBit claimed responsibility for a cyberattack targeting India's state-owned aerospace research lab.


 

 


Post a Comment

0 Comments