An online site run by a major criminal gang who organise ransomware cyber attacks appears to have been taken over by law enforcement.
The site belongs to the group LockBit.
It sells services which allow people to compromise computer networks and hold their data until a ransom is paid.
On Monday evening, a message appeared on the site belonging to the group saying it is “now under control of law enforcement”.
The message says that the “site is under the control of the National Crime Agency of the UK, working in close cooperation with the FBI and the international law enforcement task force, ‘Operation Cronos’.”
It adds that this is an “ongoing and developing operation” and adds: “Return here for more information at 11:30 GMT on Tuesday, February 20th”.
The operation was conducted by Britain’s National Crime Agency, the US Federal Bureau of Investigation, Europol and a coalition of international police agencies, according to the post on LockBit’s website.
The UK’s National Cyber Security Centre (NCSC) has previously issued a warning about the “enduring threat” posed by the group, alongside partner agencies in the US, Australia, Canada, France, Germany and New Zealand.
The statement from last year adds that LockBit’s eponymous software was the “most deployed ransomware variant” across the world in 2022, and that it “continues to be prolific so far in 2023”.
LockBit has been involved in many high profile hackings, including the UK’s Royal Mail in early 2023. The group and its affiliates make money by stealing sensitive data and threatening to leak it unless their victims pay a ransom.
LockBit was first discovered in 2020, according to Reuters, when the software surfaced on Russian language forums, leading some analysts to believe the group is based in Russia.