What Happened
An international law enforcement operation, ‘Cronos’, has made a significant progress on dismantling the LockBit ransomware group.
This operation involved collaboration from the FBI, the U.S. Department of Justice, the NCA, Europol, and police forces from 10 countries. Together, they disrupted LockBit, a group notorious for its ransomware-as-a-service (RaaS) model.
Since late 2019, LockBit has targeted major companies such as Boeing and Bank of America, causing substantial financial and data losses worldwide. For more information about the operation and LockBit, please refer to our news article.
Updates on the Operation
Operation Cronos has made significant progress in the battle against LockBit. Authorities seized 34 servers linked to the group and arrested two individuals. They also froze 200 cryptocurrency accounts tied to LockBit’s criminal proceeds and closed 14,000 related accounts. Moreover, law enforcement took control of LockBit’s victim extortion portal. They transformed it into a resource for decryption tools and legal information.
In this operation, PRODAFT played a pivotal role. The cybersecurity firm mapped LockBit’s infrastructure, identified over 28 affiliates, and obtained the locker’s source code. They also mapped the network of initial access brokers. Additionally, they notified organizations at risk in advance. This effort significantly contributed to the operation’s success.
This operation marks a critical step towards dismantling LockBit’s network and hints at more arrests in the future. However, in the meantime, surviving key members might launch a new Ransomware-as-a-Service (RaaS) under a different brand. Moreover, remaining affiliates could switch to other ransomware operations, continuing to profit from their malicious activities. Nevertheless, the fight against cybercrime is ongoing.
About PRODAFT
PRODAFT, instrumental in the efforts to dismantle LockBit, is a pioneering cyber threat intelligence company. Since its establishment in 2012, PRODAFT has focused on preventing security breaches before they happen, and one of the partners of Cubic Consulting.
Their intelligence platforms, notably the U.S.T.A. (Unified Security Threat Alliance) and BLINDSPOT, analyze and verify threats. The sources they use also include the Dark Web. They offer deep analysis and actionable intelligence to effectively combat cyber threats.
- Meta Unveils End-to-End Encryption for Messages and Calls
- Google Highlights Escalating Zero-Days in 2023 Analysis
- Verizon’s Insider Data Breach Impact 63000+ Employees
- Okta Breach Update: 100% of Customer Base Affected
- NIST Releases Enhanced Cybersecurity Framework 2.0
- [CVSS 9+] Microsoft Jan 24 Patch Tuesday Highlights