2024-02-20 14:33:31
Thousands of victims, hospitals or town halls targeted, losses totaling billions of euros… The LockBit cybercriminal group, presented as “the most harmful” in the world, was dismantled during an international police operation .
“After infiltrating the group’s network, the NCA (British crime agency, editor’s note) took control of LockBit’s services, compromising their entire criminal enterprise,” authorities in several countries announced on Tuesday.
According to them, the ransomware targeted “thousands of victims around the world” and caused losses which totaled billions of euros, including the ransoms paid and the costs incurred for the victims.
“We have hacked the hackers,” said Graeme Biggar, director general of the NCA, announcing the neutralization of LockBit during a press conference in London.
Millions of euros in ransom
LockBit targeted critical infrastructure and large industrial groups, with ransom demands ranging from 5 to 70 million euros. In 2023, the group notably attacked the British postal operator and a Canadian children’s hospital, and in France the Corbeil-Essonnes and Versailles hospitals in the Paris region.
Cybercriminals provided their “affiliates” with tools and infrastructure enabling them to carry out attacks. These consisted of infecting the victims’ computer network to steal their data and encrypt their files. A ransom was then demanded in cryptocurrencies to decrypt and recover the data, under penalty of publication of the victims’ data.
LockBit collected more than $120 million in ransoms in total, according to the United States, where a total of five people, including two Russian nationals, are facing prosecution.
Site “under control of law enforcement”
According to the head of the NCA, the investigations did not reveal “direct support” from the Russian state towards LockBit, but nevertheless underlined a “tolerance” towards cybercrime in Russia. “These are cybercriminals, they are based all over the world, there is a large concentration of these individuals in Russia and they often speak Russian,” he said.
LockBit is presented as one of the most active malware in the world, with more than 2,500 victims including more than 200 in France, “including hospitals, town halls, and companies of all sizes,” said in a press release. the Paris prosecutor’s office.
According to the British NCA, more than 200 cryptocurrency accounts linked to the group were frozen and investigators obtained more than 1,000 keys used to decrypt the data so they might return it to their owners.
ats/juma
1708441897
#harmful #hacker #group #world #dismantled #rts.ch