For information that identifies or locates any of the LockBit ransomware gang’s leaders, a sizable reward is being offered.
The US State Department has made the bounty offer in response to the criminal organization’s activities being disrupted this week.
Since its inception in 2020, LockBit has targeted thousands of victims worldwide, costing billions of dollars in ransom payments and recovery.
Operation Cronos, which has taken over LockBit’s backend infrastructure, was developed in collaboration by the National Crime Agency of the United Kingdom (NCA ), the FBI, and other parties. Instead of publishing stolen victim data, the LockBit leaks website is now disclosing the criminal organization’s activities.
Due to its dominance in the market, LockBit has been referred to as” The Walmart of ransomware.”
In a wonderful ironic twist, it seems that, like ransomware attackers, law enforcement officials were able to take control of LockBit’s infrastructure by taking advantage of an unfixed PHP vulnerability in the system.
To demonstrate the extent of LockBit’s “pwning,” the NCA has made screenshots of the company ‘ exposed source code, backend administration panel, and redacted images of negotiations between Lockbit affiliates and their victims public.
The good news is that even before the bounty was announced, the authorities had some success apprehending some people they believed to be members of the LockBit gang. A 38-year-old man and a father and son were both detained this week in Poland and Ukraine, respectively.
For a potential reward, anyone with knowledge of LockBit criminal gang members can get in touch with the FBI via email, Telegram, or Signal (1- 646- 258- 2533 ).
The best news of all, of course, is that a decryption tool has been made available, eliminating the need for LockBit victims to pay ransom in order to regain access to their data.
The FBI should be contacted by victims based in the US at https ://lockbitvictims .ic3.gov/.
Editor’s Note: Tripwire does not necessarily share the opinions expressed in this guest author article; they are solely those of the contributor.