February 20, 2024 at 12:39AM
An international law enforcement operation, codenamed Operation Cronos, led to the seizure of darknet domains operated by LockBit ransomware group, involving 11 countries. Exploiting a security flaw, authorities gained control of sites, revealing extensive data on victims and operations. This blow follows the dismantling of BlackCat ransomware, impacting LockBit’s operations.
Based on the meeting notes, the key takeaways are:
1. International law enforcement conducted Operation Cronos, resulting in the seizure of multiple darknet domains operated by ransomware group LockBit.
2. The operation involved authorities from 11 countries along with Europol, and the exploit used to take down the websites involved a critical security flaw in PHP.
3. Law enforcement agencies have claimed possession of the “source code, details of the victims, the amount of money extorted, the data stolen, chats, and much more” from LockBit, exposing their flawed infrastructure and dealing a blow to their near-term operations.
4. LockBit emerged in 2019 and has been one of the most active and notorious ransomware gangs, extorting at least $91 million from U.S. organizations.
5. The takedown comes after the BlackCat ransomware operation dismantlement and also coincides with the arrest of a Ukrainian national for unauthorized access to Google and online bank accounts.
Let me know if anything else is needed!