{"id":10838,"date":"2024-02-20T13:09:44","date_gmt":"2024-02-20T11:09:44","guid":{"rendered":"https:\/\/forklog.com\/en\/uk-authorities-seize-lockbit-ransomware-sites\/"},"modified":"2024-02-20T13:09:44","modified_gmt":"2024-02-20T11:09:44","slug":"uk-authorities-seize-lockbit-ransomware-sites","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/uk-authorities-seize-lockbit-ransomware-sites\/","title":{"rendered":"UK Authorities Seize LockBit Ransomware Sites"},"content":{"rendered":"<p>Darknet sites operated by the hacker group LockBit have come under the control of the UK&#8217;s National Crime Agency, reports <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/lockbit-ransomware-disrupted-by-global-police-operation\/\">Bleeping Computer<\/a>.<\/p>\n<p>Authorities confirmed to the media the seizure of resources as part of the ongoing Operation Cronos, involving the FBI, Europol, and colleagues from 11 countries. They promised to provide further details later.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh7-eu.googleusercontent.com\/Nys2MNa3uAxx6ahOl-XuqUVapw5NXgQgYWhf9YSrwOX2F74lyk_DZAq0msHxClREQcllDRnIblnkRMuAdR0Qd2POUysfpwve0vhFsX32O_2OBc6nOxbPucP9NG9U7958Nk-yEIXoDT_Tw-Euwrl0aYU\" alt=\"UK Authorities Seize LockBit Ransomware Sites\"\/><figcaption class=\"wp-element-caption\">Placeholder on the LockBit leak site. Data: Bleeping Computer.<\/figcaption><\/figure>\n<p>A representative of the group, known as LockBitSupp, <a href=\"https:\/\/twitter.com\/vxunderground\/status\/1759703708785365068\">claims<\/a> that the FBI hacked them using a <a href=\"https:\/\/ru.wikipedia.org\/wiki\/PHP\">PHP<\/a> vulnerability. It is presumably related to the exploitation of <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-3824\">CVE-2023-3824<\/a>.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"und\" dir=\"ltr\">Lockbit ransomware group has issued a message to individuals on Tox.<\/p>\n<p>&#8220;\u0424\u0411\u0420 \u0443\u0435\u0431\u0430\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0447\u0435\u0440\u0435\u0437 PHP, \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0431\u0435\u0437 PHP \u043d\u0435 \u0442\u0440\u043e\u043d\u0443\u0442\u044b&#8221;<\/p>\n<p>&#8220;The FBI fucked up servers using PHP, backup servers without PHP are not touched&#8221;<\/p>\n<p>\u2014 vx-underground (@vxunderground) <a href=\"https:\/\/twitter.com\/vxunderground\/status\/1759703708785365068?ref_src=twsrc%5Etfw\">February 19, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In addition to the leak site, police have disabled LockBit&#8217;s &#8220;affiliate&#8221; panel. According to the statement, law enforcement has access to &#8220;source code, victim data, ransom amounts, stolen data, chats, and much more.&#8221;<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh7-eu.googleusercontent.com\/RcfT9ssv6QpPOLuBud8ce6DybopK-NwZFhVatd1cXwvsTQTJQstAyKt0sPua8oYg3Xa7dw0moYSDgqZYuEz1nJXd7IznEigVxPh6vqryIEBNcIC8kFr9CRWwtu-JNkFVshEQGDdj8qIj66cr8v6E7mI\" alt=\"UK Authorities Seize LockBit Ransomware Sites\"\/><figcaption class=\"wp-element-caption\">Data: Bleeping Computer.<\/figcaption><\/figure>\n<p>However, several other LockBit darknet resources, including sites for data hosting and private messaging, remain operational.<\/p>\n<p>The LockBit group emerged in 2019 and is considered one of the most active. Its victims include tire manufacturer Continental, Boeing, fast-food chain <a href=\"https:\/\/u1f987.com\/en\/news\/major-data-breach-uncovered-trickbot-developer-sentenced-and-other-cybersecurity-events\">Subway<\/a>, Bank of America, the Italian tax service, and others.<\/p>\n<p>In early 2020, hackers released user data from the cryptocurrency exchange BTC-Alpha and reported stealing information from over 100,000 clients of the PayBito platform.<\/p>\n<p>According to Recorded Future, LockBit has conducted at least 2,300 attacks worldwide. The group extorted over $91 million from American companies alone, <a href=\"https:\/\/www.cisa.gov\/sites\/default\/files\/2023-06\/aa23-165a_understanding_TA_LockBit.pdf\">calculated<\/a> by the <span data-descr=\"Cybersecurity and Infrastructure Security Agency of the USA\" class=\"old_tooltip\">CISA<\/span>.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh7-eu.googleusercontent.com\/jBV5lrbjz-xjPiHQHBloK3OLHZ1RIkuDljYAUEWpgjgCKFlS3bu9y01kcHObPhd-NbkDtqj6evCOmF60hJ6_H8PFiu2foSToIvX2AVpvHFCjzJ3LF_Ry5cFmP9WXNlsG5rhHIqm6zz09AoaNKBSmGqU\" alt=\"UK Authorities Seize LockBit Ransomware Sites\"\/><figcaption class=\"wp-element-caption\">Data: Recorded Future.<\/figcaption><\/figure>\n<p>In November 2022, Canadian authorities arrested 33-year-old Russian Mikhail Vasiliev on suspicion of large-scale hacking attacks using the LockBit ransomware.<\/p>\n<p>Later, the US Department of Justice announced the capture of 20-year-old Russian citizen Ruslan Astamirov for distributing the same ransomware.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Darknet sites operated by the hacker group LockBit have come under the control of the UK&#8217;s National Crime Agency, reports Bleeping Computer. Authorities confirmed to the media the seizure of resources as part of the ongoing Operation Cronos, involving the FBI, Europol, and colleagues from 11 countries. They promised to provide further details later. Placeholder [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":10837,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,477,810],"class_list":["post-10838","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-darknet","tag-united-kingdom"],"aioseo_notices":[],"amp_enabled":true,"views":"25","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/10838","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=10838"}],"version-history":[{"count":0,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/10838\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/10837"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=10838"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=10838"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=10838"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}