June 5, 2024 at 06:50PM
The FBI has obtained over 7,000 LockBit decryption keys to help victims recover encrypted data for free. This follows the takedown of LockBit’s infrastructure in “Operation Cronos.” Despite this, LockBit remains active, targeting victims worldwide and leaking stolen data. The U.S. State Department offers rewards for information leading to arrests related to LockBit ransomware.
Key meeting takeaways:
1. The FBI has obtained over 7,000 LockBit decryption keys and is urging past victims to come forward to recover encrypted data for free.
2. “Operation Cronos” in February 2024 led to the takedown of LockBit’s infrastructure and the seizure of 34 servers containing over 2,500 decryption keys. This facilitated the development of a free LockBit 3.0 Black Ransomware decryptor.
3. The U.K.’s National Crime Agency and the U.S. Justice Department estimate that LockBit and its affiliates have earned up to $1 billion in ransoms from 7,000 attacks worldwide between June 2022 and February 2024.
4. Despite law enforcement efforts, LockBit remains active and has transitioned to new servers and dark web domains while targeting victims worldwide.
5. The recent cyberattack on Canadian pharmacy chain London Drugs has been attributed to LockBit, following an operation that revealed the identity of the gang’s leader, Dmitry Yuryevich Khoroshev.
6. Several Lockbit ransomware actors have been arrested and charged in recent years, and the U.S. State Department offers rewards for information leading to the arrest or conviction of LockBit leadership and affiliates.