TechLockBit mastermind faces 185 years as global authorities crack down

LockBit mastermind faces 185 years as global authorities crack down

The United States Department of Justice has charged Dmitry Yuryevich Khoroshev with creating and operating LockBit ransomware, which has been described as one of the "most productive and destructive" digital extortion tools in the world.

threats online
threats online
Images source: © Pixabay

14 May 2024 20:22

The Verge reports that Khoroshev has significantly impacted LockBit's operations since the group appeared in September 2019. In just a few years, it has victimised over 2,500 victims from at least 120 countries, bringing the group, led by Khoroshev, revenues of at least £400 million from ransoms.

how did LockBit work?

LockBit operated on the principle of "ransomware as a service," allowing cybercriminals to rent software to attack victims. The software provided by this group was attributed to several high-profile attacks, including on the UK mail, a children's hospital, and the small Canadian town of St. Marys in Ontario. As The Verge reports, in February of this year, U.S. and UK services seized the websites and servers used by LockBit, obtaining keys that could help organisations regain access to their data. Alongside Khoroshev, Arthur Sungatov and Ivan Kondratyev were also charged with using LockBit against victims in the USA.

what consequences does Khoroshev face?

Khoroshev, who took 20% of every ransom and managed the data leak site, is now charged with 26 offences, including conspiracy to commit fraud and eight counts of extortion involving the destruction of legally protected computers. He faces a total sentence of up to 185 years in prison for all this. The United States Department of Justice has also offered a reward of £8 million for information that helps capture him. The U.S. Attorney for the District of New Jersey, Philip R. Sellinger, emphasised that this is an important moment in the investigation against LockBit members, including Khoroshev, which has disrupted the group's activities and led to the indictment of two of its members.

was LockBit dismantled?

Despite significant law enforcement actions, the LockBit ransomware group continues to operate. Recent coordinated actions by the FBI and Europol aimed to dismantle the group's infrastructure and disrupt its operations. These included seizing servers, intercepting key infrastructure components, and transforming the group's data leak site into a law enforcement press portal. All these actions seriously disrupted LockBit's functioning.

The group's online infrastructure, including servers in the United States, was eliminated during the operation. At the same time, ransomware victims were provided with decryption keys, allowing the recovery of encrypted data without paying a ransom. Unfortunately, despite these efforts, some dark websites used by the group remain active, and the damages caused by previous attacks are irreversible.

source: The Verge

© Daily Wrap
·

Downloading, reproduction, storage, or any other use of content available on this website—regardless of its nature and form of expression (in particular, but not limited to verbal, verbal-musical, musical, audiovisual, audio, textual, graphic, and the data and information contained therein, databases and the data contained therein) and its form (e.g., literary, journalistic, scientific, cartographic, computer programs, visual arts, photographic)—requires prior and explicit consent from Wirtualna Polska Media Spółka Akcyjna, headquartered in Warsaw, the owner of this website, regardless of the method of exploration and the technique used (manual or automated, including the use of machine learning or artificial intelligence programs). The above restriction does not apply solely to facilitate their search by internet search engines and uses within contractual relations or permitted use as specified by applicable law.Detailed information regarding this notice can be found  here.