FBI, UK Take Down LockBit Ransomware Systems

The FBI and the U.K.’s National Crime Agency seized Lockbit ransomware group servers on Monday as part of ongoing efforts to diminish the infrastructure of cybercriminal entities.

A senior FBI official revealed that the international operation took control of a website LockBit used to leak victims’ data, the group’s file-sharing service and communications server and an administrative panel server, among others, CyberScoop reported.

The bureau obtained almost 1,000 decryption keys that could aid in addressing ongoing LockBit extortion efforts.

Brett Leatherman, deputy assistant director of cyber operations at the FBI, said the operation demonstrates the bureau’s mission to penalize malicious cyber actors and aid their victims.

LockBit is considered the world’s most widely used ransomware variant. Leatherman explained that at least 2,000 organizations, including 1,600 in the United States, have fallen victim to the cybercrime tool, leading to over $144 million in ransomware payments.

According to cybersecurity firm Dragos, a quarter of all ransomware attacks on industrial facilities used LockBit.

News of the operation comes after a joint operation earlier in February between the FBI and the Department of Justice to bring down botnet infrastructure used by China-backed hacking campaign Volt Typhoon.