In a joint effort between the National Crime Agency of the UK, the FBI, and ‘Operation Cronos,’ authorities have seized control of the LockBit ransomware website.
The move follows the shutdown of the Hive ransomware operation in January 2023, which had extorted $100 million from over 1,500 victims globally, including prominent institutions like the Royal Mail and a Canadian children’s hospital.
LockBit, operating under the “ransomware as a service” (RaaS) model, reportedly amassed tens of millions of dollars in ransoms from around 1,000 victims, according to information released by the US Justice Department in November 2023.
RaaS enables individuals with minimal computer skills to enter the world of ransomware by leasing software and methods from developers like Hive or LockBit.
The dark web openly hosts providers offering ransomware services, including initial access brokers who break into computer systems and sell access to ransomware operators.
Ransomware operators heavily rely on RaaS developers, who possess programming skills to create sophisticated malware and evade security measures.
These developers take a significant share of the ransom paid out, providing comprehensive services to the operators.
Once activated, ransomware encrypts the target’s files and data, rendering them inaccessible.
Victims receive a message specifying the ransom amount for data decryption, with sums ranging from thousands to millions of dollars based on the target’s financial strength.
