An FBI official on Wednesday said the agency has obtained more than 7,000 LockBit ransomware decryption keys and urged victims to get in touch.
At the 2024 Boston Conference on Cyber Security, Bryan Vorndran, assistant director of the FBI’s Cyber Division, said the agency can help victims recover data encrypted by the LockBit ransomware.
Victims have been instructed to reach out to the FBI’s Internet Crime Complaint Center (IC3). Targeted entities can fill out a form and they will be contacted by the agency.
Entities whose files have been encrypted by the LockBit 3.0 ransomware can also try to recover their files using a decryptor developed by Japanese police, which is available on the NoMoreRansom project’s website.
The LockBit malware is believed to have been used in more than 2,400 attacks worldwide, including over 1,800 in the United States.
The cybercriminals caused billions of dollars in damages and received at least $125 million in ransom payments, but law enforcement says the hackers retained the data they stole, even from organizations that paid a ransom.
The LockBit ransomware operation has been targeted in an international law enforcement action whose results were first announced in February, when LockBit domains were seized and suspects were arrested.
The cybercriminals have remained defiant, setting up new leak websites and continuing to announce new victims.
On the other hand, authorities have unmasked the alleged mastermind of the operation. Dimitry Yuryevich Khoroshev, a 31-year-old Russian national, has been charged and sanctioned. A $10 million reward has been offered by the US government for information on LockBit leaders.
The FBI’s Vorndran said Khoroshev tried to convince authorities to “go easy on him by turning on his competitors, naming other ransomware-as-a-service operators”, adding, “We will not go easy on him”.
Related: LockBit Ransomware Affiliate Sentenced to Prison in Canada
Related: LockBit Takes Credit for City of Wichita Ransomware Attack
Related: TrickBot and Other Malware Droppers Disrupted by Law Enforcement
Related: Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested
