Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

FBI Says It Has 7,000 LockBit Ransomware Decryption Keys

The FBI has obtained more than 7,000 LockBit ransomware decryption keys and is urging victims to get in touch with its IC3.

Ransomware

An FBI official on Wednesday said the agency has obtained more than 7,000 LockBit ransomware decryption keys and urged victims to get in touch.

At the 2024 Boston Conference on Cyber Security, Bryan Vorndran, assistant director of the FBI’s Cyber Division, said the agency can help victims recover data encrypted by the LockBit ransomware.

Victims have been instructed to reach out to the FBI’s Internet Crime Complaint Center (IC3). Targeted entities can fill out a form and they will be contacted by the agency.

Entities whose files have been encrypted by the LockBit 3.0 ransomware can also try to recover their files using a decryptor developed by Japanese police, which is available on the NoMoreRansom project’s website. 

The LockBit malware is believed to have been used in more than 2,400 attacks worldwide, including over 1,800 in the United States. 

The cybercriminals caused billions of dollars in damages and received at least $125 million in ransom payments, but law enforcement says the hackers retained the data they stole, even from organizations that paid a ransom.

The LockBit ransomware operation has been targeted in an international law enforcement action whose results were first announced in February, when LockBit domains were seized and suspects were arrested.

The cybercriminals have remained defiant, setting up new leak websites and continuing to announce new victims. 

Advertisement. Scroll to continue reading.

On the other hand, authorities have unmasked the alleged mastermind of the operation. Dimitry Yuryevich Khoroshev, a 31-year-old Russian national, has been charged and sanctioned. A $10 million reward has been offered by the US government for information on LockBit leaders. 

The FBI’s Vorndran said Khoroshev tried to convince authorities to “go easy on him by turning on his competitors, naming other ransomware-as-a-service operators”, adding, “We will not go easy on him”. 

Related: LockBit Ransomware Affiliate Sentenced to Prison in Canada

Related: LockBit Takes Credit for City of Wichita Ransomware Attack

Related: TrickBot and Other Malware Droppers Disrupted by Law Enforcement

Related: Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

Jill Passalacqua has been appointed Chief Legal Officer at autonomous security solutions provider Horizon3.ai.

Cisco has appointed Sean Duca as CISO and Practice Leader for the APJC region.

More People On The Move

Expert Insights