International law enforcement, led by the UK’s National Crime Agency, have disrupted ransomware gang Lockbit’s operation. The group behind notable hacks against aircraft manufacturer Boeing, chip giant Taiwan Semiconductor Manufacturing Company, sandwich chain Subway and thousands more had its site taken offline on Monday while authorities arrested major players behind the gang. “This site if now under the control of law enforcement,” the website reads. According to malware repository Vx-underground, law enforcement took down at least 22 Lockbit-affiliated Tor sites.

“Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems,” National Crime Agency Director General, Graeme Biggar, said in a statement. “As of today, LockBit are locked out. We have damaged the capability and most notably, the credibility of a group that depended on secrecy and anonymity.”

Lockbit admitted defeat, too. In a statement to Vx-underground, the group said “FBI pwned me.” Operation Cronos, the name law enforcement used for their efforts, also resulted in the seizure of source code and other useful data related to Lockbit’s operations. At the same time, authorities in Poland, Ukraine and the US arrested key members of the ransomware operation. There are sanctions out for two more Lockbit affiliates in Russia.

There’s more good news for Lockbit victims, too: The operation obtained keys from Lockbit to create a decryption tool for victims to get their data back, according to US Attorney General Merrick Garland. The free decryptors can be found via the No More Ransom project.

Since 2019 when Lockbit first entered the scene, it’s squeezed victims for more than $120 million in ransomware payments, according to acting assistant AG Nicole Argentieri.

Source: www.engadget.com