Law Enforcement Agencies Mock New LockBit Revelations
The dark web leak site seized by LockBit appears set to host new information gleaned from ongoing investigations into the gang’s operation.
New revelations about the LockBit ransomware gang may be coming, according to the operation’s former dark web leak site.
A number of law enforcement agencies shut down the LockBit leak site in February, replacing it with a similar site that boasted about its success.
“This site is now under the control of the UK National Crime Agency, working in close co-operation with the FBI and the international law enforcement task force, ‘Operation Cronos’,” the site said at the time .
Now, the same site has been resurrected, teasing a whole new set of information arriving in a couple of days.
Various parts of the site were updated on May 2, all promising that more information would be posted on May 7, including an answer to the “10 million dollar question: who is LockBitSupp.” LockBitSupp is the apparent leader of the gang, and law enforcement agencies involved in taking down the site have already suggested that the individual is based in Russia and had “become involved with authorities.”
The NCA also suggests that it will soon shed light on some of LockBit’s affiliates while sharing details obtained from the gang’s back-end systems.
“More LB hackers exposed,” read a tile on the seized site. “After compromising the LockBit platform, law enforcement will coordinate activity to deal with LockBit affiliates.”
“What have we learned?” said another. “Some back-end facts and figures.”
Again, a date of May 7 is given to share these details.
The Australian Federal Police participated in Operation Cronos, and its logo appeared alongside other law enforcement agencies including Europol, the Metropolitan Police and the Department of Justice.
I guess we’ll be watching this space to see what new information authorities are willing to share about LockBit’s activities. Despite the closure of the gang’s site in February, LockBit still regularly posts victim details on several new darknet sites.
LockBit’s most recent victim was Australian call center operator OracleCMS, which saw data from several Australian councils, religious groups and businesses compromised in a ransomware attack in April.