On February 16, BlackCat added loanDepot to their dark web leak site, but without any data as proof. At the time, they claimed that LoanDepot had shown up in the negotiation chat, and had offered $6 million for the data and a decryptor, but allegedly claimed they could offer more after the weekend. But after…
Category: Malware
Lockbit takedown accompanied by some arrests and indictments
Although there has been no arrest of LockBitSupp, the disruption of LockBit3.0 was accompanied by some arrests and indictments in various countries: United States: The U.S. Department of Justice unsealed indictments against two Russian men: Artur Sungatov allegedly used LockBit ransomware against victims. And Ivan Gennadievich Kondratyev, a.k.a. “Bassterlord,” allegedly used LockBit ransomware against targets in…
Unpicking LockBit — 22 Cases of Affiliate Tradecraft
As part of its roll-out of news about the LockBit disruption, the governments involved have provided additional information and resources. One of the resources is an article by Secureworks. The summary of their article: Summary The GOLD MYSTIC threat group has operated the LockBit name-and-shame ransomware-as-a-service (RaaS) scheme since mid-2019, exploiting unauthorized access to thousands…
HHS’ Office for Civil Rights Settles Second Ever Ransomware Cyber-Attack for $40,000 and a Corrective Action Plan with OCR Monitoring
HHS OCR has announced a second enforcement settlement in a ransomware case. The 2019 breach involving Green Ridge Behavioral Health managed to fly mostly under the media radar at the time. DataBreaches was not even aware that it was a ransomware attack as when this site contacted Green Ridge back then to inquire about the…
Reward Offers for Information on LockBit Leaders and Designating Affiliates
LockBitSupp, the top honcho at LockBit, always complained that there was no reward for him. He even offered a reward for anyone who could identify him. He should be so pleased by this latest announcement from the Department of State: The Department of State is announcing reward offers totaling up to $15 million for information…
Updating: In “Cronos,” law enforcement took down 34 Lockbit servers
As reported yesterday, law enforcement seized control of LockBit’s leak site and infrastructure. Attempts to view their leak site today show that the seizure notice has been replaced with a page that links to different information on LockBit’ seizure and law enforcement activities: Europol also released more information about the operations: The months-long operation…