An international operation led by United Kingdom. and U.S. law enforcement has severely disrupted "the world's most harmful cybercrime group," the Russian-linked ransomware specialist LockBit, officials announced Tuesday. LockBit and its affiliates have targeted governments, major companies, schools and hospitals, causing billions of dollars of damage and extracting tens of millions in ransoms from victims, Courthouse News reports. Britain's National Crime Agency (NCA), working with the FBI, Europol and agencies from nine other countries in Operation Cronos, said it had infiltrated LockBit's network and taken control of its services. "We have hacked the hackers, we have taken control of their infrastructure, seized their source code and obtained keys that will help victims decrypt their systems," said the crime agency's director general, Graeme Biggar. LockBit's website — selling services that allow people to organize cyber attacks and hold data until a ransom is paid — was taken over on Monday evening. A message appeared on the site stating that it was "now under control of law enforcement."
"As of today LockBit is effectively redundant, LockBit has been locked out," Biggar said. The U.S. Justice Department said the agencies had seized control of "numerous public-facing websites used by LockBit to connect to the organization's infrastructure" and taken control of servers used by LockBit administrators. The NCA added that it had obtained more than 1,000 decryption keys and will be contacting U.K.-based victims in the coming days and weeks to offer support and help them recover encrypted data. Biggar said the network had been behind 25% of all cyber attacks in the past year. LockBit has targeted over 2,000 victims and received more than $120 million in ransom payments since it formed four years ago, DOJ said. Those targeted have included Britain's Royal Mail, U.S. aircraft manufacturer Boeing and a Canadian children's hospital. In January 2023, U.S. law enforcers shut down the Hive ransomware operation which extorted some $100 million from more than 1,500 victims worldwide. Since then, LockBit has been called the biggest current threat.