LockBit ransomware group dismantled

In a joint international operation dubbed Operation Cronos, law enforcement agencies from 10 countries have successfully dismantled the LockBit ransomware operation. The LockBit data breach site now displays a banner indicating that it is under the control of the UK's National Crime Agency (NCA), in coordination with the FBI.

The operation has resulted in the seizure of LockBit's affiliate panel, with a message from the NCA detailing the seizure of LockBit's source code, conversations and victim information. LockBit's victims include the UK's Royal Mail, the city of Oakland, automotive giant Continental and the Italian Internal Revenue Service.

This action follows other recent law enforcement efforts, such as the seizure of ALPHV (BlackCat) ransomware servers and Hive ransomware payment and data breach sites. The joint warning by US and allied cybersecurity authorities last June revealed that LockBit has extorted at least $91 million from US organisations through 1,700 attacks since 2020.