LockBit Ransomware Group Makes Comeback Following Massive Bust

Adam Carter

LockBit Ransomware Group Active Again After Law Enforcement Takedown

What’s Happening & Why This Matters

After international law enforcement took down its servers, the LockBit ransomware operation is back, having moved its data leak portal to a new .onion address on the TOR network and listing 12 new victims. The group claims that its websites were confiscated due to a PHP flaw and that the FBI hacked their infrastructure. They are calling for attacks on the “.gov sector” and are modifying their decryption process to prevent law enforcement from obtaining decryptors.

Russia Arrests Three SugarLocker Members

Russian law enforcement arrested three individuals, including Aleksandr Nenadkevichite Ermakov, in connection with the SugarLocker ransomware group. The attackers posed as a legitimate IT firm offering services while developing malware and creating fraudulent schemes to generate traffic. SugarLocker, which started in 2021 and later switched to the ransomware-as-a-service (RaaS) model, has been linked to the now-defunct REvil ransomware crew.

The arrested member, Ermakov, was targeted in financial sanctions by the U.K., Australia, and the U.S., following his alleged role in the 2022 ransomware attack against health insurance provider Medibank.

LockBit Saga – Timeline

  • 20 Feb 2024
    • Authorities Seize Darknet Domains linked to LockBit ransomware
  • 21 Feb 2024
    • UK’s National Crime Agency (NCA) shuts down LockBit ransomware and arrests 2 members, releasing a decryption tool
  • 22 Feb 2024
    • The US State Department offers a $15 million reward for information on LockBit ransomware leaders
  • 25 Feb 2024
    • The individual(s) behind LockBit ransomware engagement with law enforcement
  • 26 Feb 2024
    • The LockBit ransomware group resurfaces after the law enforcement takedown

Share This Article
Avatar photo
By Adam Carter “TF Enthusiast”
Background:
Adam Carter is a staff writer for TechFyle's TF Sources. He's crafted as a tech enthusiast with a background in engineering and journalism, blending technical know-how with a flair for communication. Adam holds a degree in Electrical Engineering and has worked in various tech startups, giving him first-hand experience with the latest gadgets and technologies. Transitioning into tech journalism, he developed a knack for breaking down complex tech concepts into understandable insights for a broader audience.
Leave a comment