Lockbit’s dark web leak site seized by Intl. security agencies

LockBit's dark web leak site, where the ransomware gang publicly lists its victims and issues ransom demands, was replaced with a notice from law enforcement agencies. The National Crime Agency of the U.K. in collaboration with the FBI and the international law enforcement task force 'Operation Cronos,' confirms that LockBit's services have been disrupted due to international law enforcement action, according to the notice.

The takedown notice replaces the gang's extortion page, and also features logos of Europol and other international police organisations from countries including Canada, France, Japan, Switzerland, Germany, Sweden, the Netherlands, Finland and Australia.

Since its emergence as a ransomware-as-a-service (RaaS) operation in late 2019, LockBit has become one of the world's most prolific cybercrime groups. 

LockBit has targeted prominent organisations globally, including aerospace company Boeing, chipmaker TSMC, and U.K. based Royal Mail. Recent attacks attributed to LockBit include disruptions to Georgia's Fulton County services and a cyberattack on India's state-owned aerospace research lab known as National Aerospace Laboratories (NAL). 

This operation by international law enforcement agencies marks the recent actions aimed at combating ransomware gangs, following similar takedowns such as the seizure of the dark web leak site of the ransomware gang ALPHV, also known as BlackCat in December.