LockBit's seized darknet site resurrected by police, teasing new revelations
2024-5-6 04:16:23 Author: therecord.media(查看原文) 阅读量:10 收藏

The ransomware service LockBit’s darknet extortion site, which had been shuttered earlier this year after being infiltrated by law enforcement, reappeared on Sunday with police teasing fresh information about the criminals involved.

It follows the closure of the site in February, after the United Kingdom’s National Crime Agency (NCA) announced they had hacked the ransomware-as-a-service platform and “gained unprecedented and comprehensive access to LockBit’s systems.”

While the site had previously been used to publish stolen information from the ransomware gang’s victims, under the control of the NCA it was instead used to show off how much information investigators had obtained from the service’s backend.

This information was published under the proviso that what the police were releasing didn’t interfere with ongoing investigations. A week of revelations subsequently appeared on the site, each of them trailered beneath a countdown, including claims that LockBit did not delete data even when it had pledged to victims to do so.

The fruits of some of those investigations are likely to be published on the site soon, with the resurrected darknet page teasing a range of information alongside timers set to 14:00 UTC on Tuesday, May 6.

Following the disruption operation in February, in an interview with the Click Here podcast, the group’s purported leader LockbitSupp claimed investigators had overstated the depth of their access into the gang’s backend infrastructure.

During the initial week of revelations, the final big reveal — a tile titled “Who is LockbitSupp?” — suggested that law enforcement would finally de-anonymise the site’s administrator.

But when the post was published, it did not provide a name. Instead, it stated that LockbitSupp had lied about living in the United States and the Netherlands, and suggested he actually lived in Russia. This location, which many had otherwise assumed, appeared alongside the assertion that he drove a Mercedes and the oblique claim that he had “engaged with law enforcement.”

That the post did not reveal a name was, as The Register put it, “a bigger letdown than Game of Thrones Season 8.” “Who is LockbitSupp? The $10 million question,” repeats the current version of the splash page, suggesting that Tuesday’s announcement won’t prove similarly anticlimactic. 

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.


文章来源: https://therecord.media/lockbit-ransomware-gang-seized-site-reappears-teasing-new-information
如有侵权请联系:admin#unsafe.sh