FBI Reveals 7,000 Decryption Keys to Combat LockBit Ransomware

 

In a major development against cybercrime, the US Federal Bureau of Investigation (FBI) has disclosed the recovery of over 7,000 decryption keys to assist victims of the notorious LockBit ransomware gang. This revelation follows a disruptive international law enforcement operation against LockBit earlier this year. In February 2024, an international law enforcement effort, codenamed Operation Cronos, targeted LockBit’s infrastructure. 

This operation led to the takedown of LockBit’s data leak website and the seizure of 34 servers containing extensive data on the gang’s activities. Investigators uncovered more than 2,500 decryption keys from these servers, which the FBI is now offering to victims. The data gathered also facilitated the development of a free decryption tool for the LockBit 3.0 Black Ransomware. 

LockBit's Global Impact 

LockBit operates a ransomware-as-a-service model, providing tools to a network of affiliates who carry out cyberattacks globally. By 2022, LockBit had become the most deployed ransomware variant worldwide, causing billions of dollars in damages to victims, according to Bryan Vorndran, the FBI’s cyber assistant director. 

He added, “These LockBit scams run the way local thugs used to demand ‘protection money’ from storefront businesses.” LockBit affiliates steal and encrypt data, demanding payment for its return. Even if the ransom is paid, victims are often subjected to further extortion as the criminals retain copies of the data and may demand additional payments to prevent its release online. 

FBI's Assistance to Victims 

The FBI is proactively reaching out to known LockBit victims, encouraging those affected to visit the Internet Crime Complaint Center. While the recovered decryption keys enable victims to regain access to their data, Vorndran cautioned that this does not prevent LockBit from potentially selling or releasing the data in the future.

“When companies are extorted and choose to pay to prevent the leak of data, you are paying to prevent the release of data right now—not in the future,” he said. 

Continued Threat 

The fight against ransomware is marked by ongoing challenges. Despite the significant strides made with Operation Cronos, the threat from LockBit remains. In 2022, authorities arrested LockBit associate Mikhail Vasiliev, who received a four-year prison sentence in March 2024. 

Additionally, last month, authorities identified the elusive LockBit leader as 31-year-old Russian national Yuryevich Khoroshev. Vorndran's warning underscores the persistent threat: “Even if you get the data back from the criminals, you should assume it may one day be released, or you may one day be extorted again for the same data.”

The Weather Network Faces Ransomware Attack, Faces Data Leak Threat

 

The Russian hacking group, LockBit, has issued a threat to disclose internal data from Pelmorex, the parent company of The Weather Network, on the dark web. This comes in the wake of a cyberattack that disrupted the operations of the Canadian company for several days last week. Pelmorex, headquartered in Oakville, Ontario, not only owns The Weather Network but also manages MétéoMédia, El Tiempo in Spain, and Canada’s AlertReady system.

Karen Kheder, Pelmorex's director of communications and administration, stated that, based on current knowledge, the attackers gained limited access to publicly available information. She revealed this information to The Globe and Mail.

LockBit has claimed to possess databases from Pelmorex's network, including access codes to the company's digital servers. The group has announced its intention to release this data via its dark web platform.

Kheder refrained from commenting on whether a ransom demand has been made, saying that any updates or changes in their findings would be communicated in accordance with the law.

LockBit employs a 'ransomware as a service' business model, wherein hackers often act independently but may share a portion of the ransom with the group. According to Canada's Communications Security Establishment, LockBit was responsible for approximately 22% of all ransomware attacks in Canada last year, making it the most prevalent digital threat.

In response to the breach, which is believed to be linked to a third-party software provider, Pelmorex has enlisted the assistance of the Royal Canadian Mounted Police (RCMP) for an investigation. The RCMP has not provided any comments on the ongoing investigation.

Kheder assured that the majority of Pelmorex's operations have been restored and that their apps and systems are now secure for use. However, she cautioned that users may encounter intermittent system downtimes and glitches as the company strives to return to normal operations.

Pelmorex is encouraging Canadians to update their Weather Network apps and has expressed apologies for any inconvenience caused by the incident.