The Week in Ransomware – May 10th 2024 – Chipping away at LockBit

May 10, 2024 at 06:05PM

The FBI and NCA have revealed the identity of LockBitSupp, the operator of LockBit ransomware, as Russian national Dmitry Yuryevich Khoroshev. The ransomware operation has been on a revenge spree, leaking the names of 119 victims. Other ransomware attacks and disruptions, including on healthcare giant Ascension, have caused widespread damage. Operations against ransomware actors and new ransomware variants have also been reported.

Key takeaways are as follows:

– The NCA, Europol, and the FBI revealed the identity of the LockBit ransomware operator, LockBitSupp, as Dmitry Yuryevich Khoroshev, a 31-year-old Russian national.
– The LockBit operation has been on a revenge spree, leaking the names of 119 victims allegedly attacked by the ransomware operation.
– Multiple ransomware attacks were reported, including an attack on the healthcare giant Ascension and the City of Wichita, Kansas. The attack on Ascension caused massive disruptions to the healthcare system.
– Names of some contributors and sources of new ransomware information and stories were mentioned, such as @billtoulas, @serghei, @fwosar, @LawrenceAbrams, @malwrhunterteam, @Seifreed, @Ionut_Ilascu, @BleepinComputer, @demonslay335, @snlyngaas, @pcrisk, @AJVicens, @chainalysis, @F_A_C_C_T_, @zackwhittaker, @H4ckManac, and @JakubKroustek.
– A historic surge of ransomware incidents and notable disruptions of the Qakbot malware and the LockBit and ALPHV-BlackCat ransomware-as-a-service (RaaS) groups were reported.
– The University System of Georgia (USG) confirmed a cyberattack that resulted in the theft of data.
– Other organizations affected by ransomware attacks include Boeing, the Ohio Lottery, and U.S. realty trust giant Brandywine Realty Trust.
– The LockBit ransomware gang has claimed responsibility for the cyberattack on the City of Wichita and the disruption of online bill payment systems.
– Ascension, one of the largest private healthcare systems in the United States, was forced to take some of its systems offline to investigate a suspected “cyber security event.”
