Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Filter by Categories

LockBit Disruption by International Operation

What Happened

In a groundbreaking international effort, law enforcement agencies have successfully disrupted LockBit, a highly notorious cybercrime gang. LockBit is known for its widespread ransomware attacks, where it encrypts victims’ data and demands ransom for its release.

This operation, named “Operation Cronos,” included the National Crime Agency (NCA) of Britain, the FBI, Europol, and partners from around the world. The agencies publicly announced the success of the operation when the NCA took control of LockBit’s extortion website.

The operation involved agencies from 11 countries, including:

  • Australia,
  • Canada,
  • Finland,
  • France,
  • Germany,
  • Japan,
  • the Netherlands,
  • Sweden,
  • Switzerland,
  • the UK,
  • the US.

Together, they managed to seize multiple darknet domains operated by LockBit, displaying a seizure banner on the group’s .onion site. This coordinated action exploited a critical security flaw in PHP, CVE-2023-3824. Consequently, the agencies dismantled the websites and obtained comprehensive information about LockBit’s operations.

Despite this significant setback for LockBit, the group claims to have backup servers that were unaffected by the law enforcement actions. We sincerely hope that the gang will not resurface, similar to Black Cat.

This LockBit disruption signifies a major achievement in the global effort to combat ransomware and cyber extortion. The operation showcases the effectiveness of collaborative international law enforcement in dismantling cybercriminal networks, setting a precedent for future actions against similar threats.

About LockBit

Discovered in 2020, LockBit quickly became one of the most dominant forces in the world of ransomware, known for its business-like operation and extensive recruitment of affiliates to deploy its malicious software.

LockBit, unlike other cybercrime groups, operates solely for profit and claims to be based in the Netherlands while remaining apolitical. It has targeted more than 1,700 organizations in the US across various industries. Notably, it has affected high-profile victims such as Boeing.

LockBit’s approach to ransomware involves treating it as a business and recruiting affiliates to spread its malicious software. This strategy has made the gang a significant player in the cybercrime landscape. However, the recent law enforcement action serves as a powerful countermeasure against the group’s activities.

The LockBit disruption is a significant moment in the battle against cybercrime. It demonstrates the effectiveness of international cooperation. As the operation progresses, it sends a strong message to other cybercriminal groups that the global community is determined to fight ransomware and protect victims around the world.



Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.