Police arrest suspected LockBit operator as ransomware gang spreads new data

Russian citizen related to the LockBit ransomware operation was arrested for his alleged involvement in attacks targeting critical infrastructure and major industrial groups around the world.

The 33-year-old suspect was arrested in Ontario, Canada on October 26 following an investigation led by the French National Gendarmerie with assistance from Europol’s European Cybercrime Centre. FBIand the Royal Canadian Mounted Police. During the arrest, police confiscated eight computers, 32 external hard drives and €400,000 in cryptocurrencies, Europol said.

The arrest follows a similar operation in Ukraine last October, when a joint international law enforcement operation led to the arrest of two of his accomplices.

Europol says the suspect, described as “one of the most prolific ransomware operators in the world”, was one of its high-value targets due to his involvement in numerous high-profile ransomware cases. The EU police agency added that he is known for trying to blackmail victims with ransom demands of between €5 million and €70 million.

The suspect will now face charges in the United States. An announcement from the US Department of Justice is expected later today.

The specific victims targeted by the suspected LockBit operator were not named by Europol. However, France’s involvement in the operation suggests it may be linked to a recent attack on French space and defense group Thales.

LockBit, a prominent previously reported ransomware operation attacks on technology manufacturer Foxconn, UK Healthcare Provider Advancedand IT giant Accenture, Thales added to its leak site on October 31. The group claims to have released data stolen from the company today, which it describes as “highly sensitive” and “high risk” in nature. The contents of the data leak included commercial documents, accounting files and customer files, according to LockBit, although the files had not been made public at the time of publication.

“As far as customers are concerned, you can contact the relevant organizations to consider taking legal action against this company that has grossly disregarded privacy rules,” the LockBit leak site said in a statement.

Thales spokesman Cedric Lurkin did not immediately respond to a request for comment.

LockBit also claims to have leaked 40 terabytes of data stolen from German car giant Continental today, and samples of the data suggest the gang had access to technical documents and source code. Although the ransom demand was not explicitly stated, the ransomware gang’s leak page claimed to be offering access to the full tranche of stolen data for $50 million.

Continental spokesman Mark Seidler told TechCrunch that the company’s investigation into the incident revealed that “the attackers were also able to steal some data from the affected IT systems,” but declined to say what types of data were stolen or how many customers and employees were stolen affected.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *