Risk & Repeat: Hacks, lies and LockBit

Months after an international law enforcement effort disrupted the notorious ransomware-as-a-service operation, LockBit falsely claimed that it breached the U.S. Federal Reserve.

LockBit falsely claimed it breached the U.S. Federal Reserve in an event that suggests a continuing decline of the notorious ransomware gang.

Earlier this year, a coalition of law enforcement agencies led by the U.K.'s National Crime Agency launched "Operation Cronos," a disruption effort against LockBit that resulted in two arrests and the seizure of the gang's web infrastructure, cryptocurrency accounts and more than 1,000 decryption keys to assist victims. Although the gang returned with a new leak site and claims of fresh victims, other signs showed LockBit's comeback efforts to be failing.

On June 23, LockBit published a countdown timer to its new data leak site promising the release of data stolen from the U.S. Federal Reserve. On June 25, when the countdown completed, the gang released samples of data it stole. Researchers who analyzed the data found that it belonged not to the Federal Reserve, but instead to a banking organization based in Arkansas named Evolve Bank & Trust.

Evolve Bank & Trust confirmed that it suffered a LockBit attack in a breach disclosure page, adding that the gang "mistakenly" claimed the stolen data was from the Federal Reserve. LockBit apparently gained access, Evolve said, "when an employee inadvertently clicked on a malicious internet link."

The bank's latest update on July 3 said it was in the process of preparing to notify customers, which it anticipates beginning on Monday.

On this episode of the Risk & Repeat podcast, TechTarget editors Rob Wright and Alex Culafi discuss LockBit's attack against Evolve Bank & Trust, its false claims of breaching the Federal Reserve and the future of the ransomware group.

Alexander Culafi is a senior information security news writer and podcast host for TechTarget Editorial.
