LockBit: Fall of ransomware leader – details of international police operation

LockBit – Delegitimized Ransomware Group

LockBit, one of the most dangerous ransomware groups, recently found itself in hot waters. The leader of the group, LockBitSupp, recently gave an interview where he admitted that his group’s infrastructure was dismantled as part of an international law enforcement operation in February 2022.

Effects of Law Enforcement Actions

The National Crime Agency in the UK announced this operation, stating that LockBit is now effectively redundant, and the hacking tools, cryptocurrency accounts, and source code of the group have been seized.

Attacks on Hospital Systems

LockBit was involved in numerous attacks on hospital systems and critical infrastructure, including an attack on the largest children’s healthcare center in Canada and two hospitals in New York.

Consequences of Police Actions

Several individuals associated with LockBit have been arrested in Ukraine and Poland, with more arrests expected. LockBitSupp, likely a Russian national, may be shielded from arrest if situated in Russia.

LockBitSupp’s Reaction

During the interview, LockBitSupp expressed surprise at how law enforcement agencies breached their systems and appeared undeterred by the consequences for their business, claiming it motivates him to work even harder.

LockBitSupp denied allegations that data allegedly destroyed after ransom payment was found on their platform, accusing the FBI of attempting to smear their reputation.

Reaction of LockBitSupp’s Partners

Despite the police actions, LockBitSupp’s partners continue to collaborate with the group. Some partners have been scared off, but the majority remain on board.

Future Plans

LockBitSupp sees no direct competition in the ransomware space, claiming they are too strong for potential rivals. The leader of LockBit plans to work until the end of his life, aiming to target a million companies worldwide before retiring.