HQ/EMEAFind out how we can help your business
Recently, the United Kingdom’s National Crime Agency (NCA), in collaboration with law enforcement agencies, has struck a massive blow against cybercrime with the conclusion of Operation Cronos, aimed primarily at dismantling the notorious LockBit ransomware operation.
NCA’s operation has not only taken down the notorious group but also secured LockBit’s source code, providing a significant advantage in combating future campaigns from the group. This success highlighted the importance of international collaboration in tackling cybercriminal activities.
Earlier this week, our researchers from iZOOlogic spotted in one of the posts of the member of Operation Cronos about the critical nature of the acquired intelligence. The advisory revealed that data retrieved from LockBit’s systems included information from victims who had complied with ransom demands. This chilling revelation exposes the harsh reality that even those who comply with cybercriminals’ demands may find their data compromised despite assurances.
Aside from acquiring source code, authorities have uncovered these secrets of the LockBit ransomware group’s financial infrastructure.
The efforts against LockBit ransomware were not confined to the United Kingdom alone but represented a global success, with the FBI, EUROPOL, and other international partners joining forces.
In addition, these agencies have also worked with a prominent blockchain analysis company. This firm provided valuable insights into the financial infrastructure of the ransomware group, detailing its extensive money flow.
The financial analysis conducted from July 2022 to February 2024 revealed resounding figures. Reviewing over 30,000 Bitcoin addresses, investigators identified over 500 active wallets, which had received over $120 million. Alarmingly, over $114 million remains unspent, indicating the group has vast resources.
Furthermore, approximately 20% of these funds went to LockBit’s administrative staff, suggesting that the total amount stolen could surpass $1 billion. This staggering amount emphasises the scale of the threat posed by ransomware groups, such as LockBit and the urgent need for proactive action to counter their activities.
The operation’s success marks a significant milestone in the ongoing battle against cybercrime. It sends a clear message to ransomware groups that law enforcement agencies could unite, relentlessly pursue them, uncover truths about their operations, and bring them to justice.
