After many months of taunting law enforcement and offering a million-dollar reward to anyone who could reveal his identity, the FBI and NCA have done just that, revealing the identity of LockBitSupp, the operator of the LockBit ransomware operation.
On February 19, Operation Cronos took down LockBit’s infrastructure and converted its data leak site into a law enforcement press release site where they released information about the police actions.
After being inactive for months, the site went live again on Sunday, teasing new information that would be released, including the possible identity of the LockBit admin.
On Tuesday, the NCA, Europol, and the FBI revealed the identity of LockBitSupp, a 31-year-old Russian national named Dmitry Yuryevich Khoroshev.
Since then, the LockBit operation has been on a revenge spree, leaking the names of 119 victims allegedly attacked by the ransomware operation.
While LockBitSupp says they aren’t going anywhere and will continue to conduct attacks, it would not be surprising to see them shut down and rebrand as a new operation in the near future.
In other news, an attack on healthcare giant Ascension has caused massive disruption to the healthcare system, causing ambulances to be diverted from several hospitals and taking systems offline, including medical records.
According to CNN, the attack has been linked to the Black Basta ransomware operation.
Other ransomware attacks we learned more about this week are:
Contributors and those who provided new ransomware information and stories this week include: @billtoulas, @serghei, @fwosar, @LawrenceAbrams, @malwrhunterteam, @Seifreed, @Ionut_Ilascu, @BleepinComputer, @demonslay335, @snlyngaas, @pcrisk, @AJVicens, @chainalysis, @F_A_C_C_T_, @zackwhittaker, @H4ckManac, and @JakubKroustek.
May 6th 2024
Examining the Impact of Ransomware Disruptions: Qakbot, LockBit, and BlackCat
A historic surge of ransomware incidents and payment totals in 2023 was not without resistance, as significant actions were taken against ransomware actors in 2023 and early 2024, including notable disruptions on Qakbot malware, and the LockBit and ALPHV-BlackCat ransomware-as-a-service (RaaS) groups.
LockBit’s seized site comes alive to tease new police announcements
The NCA, FBI, and Europol have revived a seized LockBit ransomware data leak site to hint at new information being revealed by law enforcement this Tuesday.
City of Wichita shuts down IT network after ransomware attack
The City of Wichita, Kansas, disclosed it was forced to shut down portions of its network after suffering a weekend ransomware attack.
New STOP ransomware variants
Jakub Kroustek discovered new STOP ransomware variants that append the .qepi, .qehu, and .baaa extensions.
May 7th 2024
LockBit ransomware admin identified, sanctioned in US, UK, Australia
The FBI, UK National Crime Agency, and Europol have unveiled sweeping indictments and sanctions against the admin of the LockBit ransomware operation, with the identity of the Russian threat actor revealed for the first time.
New XAM ransomware
PCrisk found a new ransomware that appends the .xam extension and drops a ransom note named unlock.txt.
Darkness is coming: a new group of MorLock ransomware has increased the intensity of attacks on Russian businesses
MorLock, like many others we covered in our above-mentioned analysis, is attacking Russian companies using LockBit 3 (Black) and Babuk ransomware. In the current environment, there is a collaboration of cyber gangs; they use similar tactics, techniques and procedures (TTPs), as well as an arsenal of tools. All this creates certain “interference” that makes it difficult to identify attackers, but it is still possible to identify the attackers’ unique handwriting, which allows them to be attributed to a particular group.
Brandywine Realty Trust says data stolen in ransomware attack
U.S. realty trust giant Brandywine Realty Trust has confirmed a cyberattack that resulted in the theft of data from its network.
May 8th 2024
University System of Georgia: 800K exposed in 2023 MOVEit attack
The University System of Georgia (USG) is sending data breach notifications to 800,000 individuals whose data was exposed in the 2023 Clop MOVEit attacks.
City of Wichita breach claimed by LockBit ransomware gang
The LockBit ransomware gang has claimed responsibility for a disruptive cyberattack on the City of Wichita, which has forced the City’s authorities to shut down IT systems used for online bill payment, including court fines, water bills, and public transportation.
Ascension healthcare takes systems offline after cyberattack
Ascension, one of the largest private healthcare systems in the United States, has taken some of its systems offline to investigate what it describes as a “cyber security event.”
Boeing confirms attempted $200 million ransomware extortion attempt
The cybercriminals who targeted Boeing using the LockBit ransomware platform in October 2023 demanded a $200 million extortion payment, the company said Wednesday.
New STOP ransomware variant
Jakub Kroustek found a new STOP ransomware variant that appends the .qeza extension.
May 10th 2024
Ohio Lottery ransomware attack impacts over 538,000 individuals
The Ohio Lottery is sending data breach notification letters to over 538,000 individuals affected by a cyberattack that hit the organization’s systems on Christmas Eve.
Ascension redirects ambulances after suspected ransomware attack
Ascension, a major U.S. healthcare network, is diverting ambulances from several hospitals due to a suspected ransomware attack that has been causing clinical operation disruptions and system outages since Wednesday.