LONDON: A website known for facilitating cyber attacks and ransomware operations, LockBit, has been seemingly seized by UK law enforcement, according to a message displayed on the site on Monday evening.
The message indicates that the website is now under the control of The National Crime Agency of the UK, in collaboration with the FBI and the international law enforcement task force, ‘Operation Cronos’.
LockBit gained notoriety as one of the leading ransomware threats following the shutdown of the Hive ransomware operation by US law enforcement in January 2023, which extorted over $100 million from numerous victims worldwide.
Recent attacks attributed to LockBit include incidents involving Britain’s Royal Mail and a Canadian children’s hospital, resulting in substantial financial gains for the perpetrators.
LockBit, along with Hive, operates under the “ransomware as a service” (RaaS) model, where criminal entities lease software and techniques to extort money from victims.
Initial access brokers, specialized in breaching corporate systems, sell access to hackers or ransomware operators, who in turn rely on RaaS developers like LockBit to create the malware required for their operations.
RaaS developers offer comprehensive services to operators, typically receiving a significant share of the ransom payments made by victims.
Once activated, ransomware encrypts the target’s files and data, demanding payment in exchange for decryption keys, with ransom amounts varying widely based on the target’s financial capacity.
The intervention by UK law enforcement represents a significant blow to ransomware operations and underscores international efforts to combat cybercrime and protect victims from extortion schemes.
