LockBit Ransomware Gang Returns, Taunts FBI and Vows Data Leaks

Despite arrests, infrastructure seizure and international law enforcement efforts, LockBit ransomware has resurfaced, promising robust security and threatening aggressive cyber attacks on UK and USA government sectors.

The leader of the LockBit ransomware, whose identity is still unknown to authorities, admitted negligence in letting the FBI and the UK’s National Crime Agency control its servers via a PHP attack but promised backups and continued operations. The announcement comes only a week after the group was neutralized in Operation Cronos, a multinational law enforcement investigation, reportedly neutralized the ransomware gang.

The message from the gang’s admin which directly addressed the FBI and the NCA, revealed that servers without PHP installed in backup blogs are unaffected and will continue to release stolen data from targeted companies, even after the FBI hack, and stolen data will be published on the LockBit blog.

The admin claims that Operation Cronos was successful because of their negligence and irresponsibility in “not updating PHP settings on their servers in good time.” They denied Operation Cronos investigators’ claims regarding arresting their two alleged affiliates, the gang donating to a Crimea-based Russian propagandist (Sevastapol Colonel Cassad), and recovering a high number of decryptors. 

Hack Read​ 02/26/2024