October 1, 2024 at 04:39PM
In recent actions under Operation Cronos, Europol and Eurojust have made multiple arrests and seized devices associated with the LockBit ransomware gang. New ties have been revealed between LockBit and the infamous Evil Corp cybercrime organization. Efforts are ongoing to recover files affected by LockBit ransomware in various sectors through the development of decryption tools.
Key takeaways from the meeting notes on Operation Cronos:
– Europol and Eurojust have taken action against the LockBit ransomware gang, resulting in four arrests and the seizure of devices used in the ransomware’s infrastructure.
– Aleksandr Ryzhenkov, previously associated with the Evil Corp cybercrime organization, was sanctioned and named as an affiliate for LockBit, indicating ties between the two groups.
– The arrests included a suspected developer for the group in France, two LockBit affiliates apprehended by British authorities, and a bulletproof hosting service administrator arrested by Spanish police, who also confiscated nine servers.
– The US, UK, and Australia imposed sanctions against Ryzhenkov, identifying him as a top lieutenant to Evil Corp leader Maxim Yakubets. The US unsealed an indictment against him and sanctioned 16 others linked to the gang.
– Evil Corp largely disappeared from the cybercrime scene following US sanctions in 2019 and the exposure of their inner workings, including ties between Yakubets and an FSB agent.
– Ryzhenkov was key to the development of Evil Corp’s post-sanctions WastedLocker ransomware and later turned up as a LockBit affiliate, even though LockBit denies having any working relationship with Evil Corp.
– Law enforcement agencies have taken further action, exposing critical ties between LockBit and Evil Corp.
– LockBit ransomware has been deployed across various sectors, with different attack tactics used by the threat actors, prompting efforts by law enforcement agencies to develop decryption tools to recover encrypted files.
These takeaways provide a clear overview of the recent actions against the LockBit ransomware gang and its affiliations with other cybercrime organizations, as well as ongoing efforts by law enforcement to combat the ransomware activities.