💰💣

LockBit Security Incident

20/02/2024 580 days ago Resolved

Incident Overview

Situation Description

The National Crime Agency (NCA) has disrupted LockBit, the world's most harmful cybercrime group, by taking control of their services and compromising their criminal enterprise.

Event Types

Ransomware Malware / Destructive Attack

Industry Sector

Other

Geographic Scope

Global

Response Actions

Isolated Compromised Systems Restored Systems from Secure Backups Conducted Threat Hunting & Eradication Shared Threat Intelligence Collaborated with Peers / Community

Impact Analysis

Event Types (2 identified)

Ransomware Malware / Destructive Attack

Financial Impact

$0 USD

Records Affected

Data Types Compromised

PII (Personally Identifiable Information) Financial Data (Credit Cards, Bank Accounts) Credentials Government Data Source Code Operational / System Data

Primary Impacts

Financial Loss Data Exposure Operational Disruption

Key Decisions Made

The NCA has taken control of LockBit's primary administration environment and public-facing leak site.; The NCA has obtained the LockBit platform's source code and a vast amount of intelligence.; Over 1,000 decryption keys have been obtained to assist victims.

Technical Analysis

Attack Method

Unknown

Threat Actor Attribution

LockBit

Vulnerability / Tool

Stealbit

Additional Information

Skip to content Quick exit Cymraeg Reporting SARs Protecting the public from serious and organised crime Who we are show submenu for Who we are Our mission Our people Our leadership Governance and transparency Inclusion, diversity and equality Publications What we do show submenu for What we do What we investigate Border vulnerabilities Bribery, corruption and sanctions evasion Cybercrime Child sexual abuse and exploitation Drug trafficking Illegal firearms Fraud Kidnap and extortion Missing persons Modern slavery and human trafficking Money laundering and illicit finance Organised immigration crime Operation Stovewood: Rotherham child sexual abuse investigation How we work Intelligence: enhancing the picture of serious organised crime affecting the UK Investigating and disrupting the highest risk serious and organised criminals Providing specialist capabilities for law enforcement Supporting victims and survivors National Strategic Assessment for Serious and Organised Crime Underworld: Behind the scenes of the NCA Podcast News show submenu for News All news Careers show submenu for Careers How to join the NCA Applying and onboarding Current vacancies A day in the life Benefits and support Most Wanted Contact us show submenu for Contact us Verify an NCA Officer Complaints Search Share this page: Share this page: News International investigation disrupts the worlds most harmful cyber crime group Expired Cybercrime The National Crime Agency is today, Tuesday 20 February, revealing details of an international disruption campaign targeting LockBit, the worlds most harmful cyber crime group. Today, after infiltrating the groups network, the NCA has taken control of LockBits services, compromising their entire criminal enterprise. LockBit have been in operation for four years and during that time, attacks utilising their ransomware were prolific. LockBit ransomware attacks targeted thousands of victims around the world, including in the UK, and caused losses of...

... (truncated for display)

Quick Facts

Company:: LockBit
Date:: 20/02/2024
Status:: Resolved
Decision Maker:: National Crime Agency (NCA)
Position:: nan
Published:: 20/02/2024

Source Information

Original Query

FBI takedown of ALPHV/BlackCat infrastructure impact on victim recovery

View Original Source

Timeline

Information Published

20/02/2024

Incident Occurred

20/02/2024 (580 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats