Third phase of the global operation against LockBit

Updated on 01/10/2024

01/10/2024

LockBit is a ransomware-as-a-service (RaaS) malware that has been widely used by criminal organisations to steal and encrypt the data of 2,500 companies and individuals in more than 120 countries. According to international security agencies, LockBit was the most widely used ransomware in the world between 2022 and 2023, accounting for 44% of ransomware incidents.

Europol has carried out a joint operation to arrest 4 new suspects in 12 countries, in addition to 15 people sanctioned in the UK, 6 in the US and 2 in Australia, as well as the seizure of servers in France and Spain. This is the result of the third phase of Operation Cronos.

Among the activities carried out by the different law enforcement agencies in the countries included in the operation, the actions of the Guardia Civil stand out, as they managed to identify and arrest the administrator of the Internet service provider used by this criminal group.

References

01/10/2024

europol.europa.eu

LockBit power cut: four new arrests and financial sanctions against affiliates
01/10/2024

interior.gob.es

Detenido en España uno de los principales encargados de la infraestructura del ransomware Lockbit 3.0
01/10/2024

efe.com

Detenido en Madrid un miembro clave de Lockbit, autor de ciberataques en 120 países
01/10/2024

bleepingcomputer.com

Police arrest four suspects linked to LockBit ransomware gang
01/10/2024

theregister.com

Euro cops arrest 4 including suspected LockBit dev chilling on holiday
01/10/2024

lavanguardia.com

Detenido en Madrid una pieza clave de Lockbit, autor de ciberataques en 120 países
01/10/2024

elconfidencial.com

Detenido en Madrid una pieza clave de Lockbit, autor de ciberataques en más de 120 países
02/02/2023

cbc.ca

Intelligence agency says ransomware group with Russian ties poses 'an enduring threat' to Canada
19/02/2024

incibe.es

Desmantelamiento del grupo de ransomware LockBit

Etiquetas