Hacker website taken over by UK-led law enforcement operation
A website run by criminal group LockBit now displays a message saying it is ‘now under the control of law enforcement’.
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A website run by a criminal gang to distribute ransomware for use in cyber attacks has been taken over by law enforcement.
The site, belonging to the group LockBit, was overlaid with a message on Monday evening saying it was “now under the control of law enforcement”.
The message said the website was under the control of the UK’s National Crime Agency “working in close cooperation with the FBI and the international law enforcement task force, Operation Cronos”.
It says it is an “ongoing and developing operation” that also involves agencies from Germany, France, Japan, Australia, New Zealand and Canada, among others, including Europol.
The message added that the law enforcement agencies involved in the operation would provide more information later on Tuesday.
The site had been used by LockBit to sell services, including ransomware, to hackers which would allow them to breach people’s computer networks.
The group is believed to have been behind a number of high profile cyber attacks in recent years, including one on Royal Mail last year.
Ransomware is a form of malware which encrypts data and files inside a system and demands a ransom be paid in order to release them.
The National Cyber Security Centre (NCSC) has previously warned that ransomware remains one of the biggest cyber threats facing the UK, and urges people and organisations not to pay ransoms if they are targeted.
Chester Wisniewski, director, global field CTO at cybersecurity firm Sophos said the operation was a “huge win” for law enforcement, but warned that it was unlikely to have fully disrupted LockBit.
“Lockbit rose to be the most prolific ransomware group since Conti departed the scene in mid-2022.
“The frequency of their attacks, combined with having no limits to what type of infrastructure they cripple has also made them the most destructive in recent years,” he said.
“Anything that disrupts their operations and sows distrust amongst their affiliates and suppliers is a huge win for law enforcement.
“We shouldn’t celebrate too soon though.
“Much of their infrastructure is still online, which likely means it is outside the grasp of the police and the criminals have not been reported to have been apprehended.
“Even if we don’t always get a complete victory, imposing disruption, fuelling their fear of getting caught and increasing the friction of operating their criminal syndicate is still a win.
“We must continue to band together to raise their costs ever higher until we can put all of them where they belong, in jail.”