The FBI has called on past victims of LockBit ransomware attacks to step forward, armed with over 7,000 decryption keys obtained through law enforcement efforts. This revelation came from FBI Cyber Division Assistant Director Bryan Vorndran at the 2024 Boston Conference on Cyber Security. Vorndran emphasized the FBI’s commitment to helping victims reclaim their data and resume operations, urging anyone who suspects they were targeted to report to the Internet Crime Complaint Center.
The announcement follows Operation Cronos, an international law enforcement operation that dismantled LockBit’s infrastructure in February 2024. This operation resulted in the seizure of 34 servers containing thousands of decryption keys, facilitating the creation of a free LockBit 3.0 Black Ransomware decryptor. Despite these efforts, LockBit remains active, shifting to new servers and dark web domains to continue its ransomware operations.
LockBit’s criminal activities have reportedly netted up to $1 billion in ransoms from over 7,000 attacks worldwide between June 2022 and February 2024. The gang, led by Russian national Dmitry Yuryevich Khoroshev, has persisted despite the arrest and charging of other key figures. In response to law enforcement actions, LockBit has intensified its cyberattacks and data leaks, targeting victims globally and demonstrating resilience in the face of authorities’ efforts to dismantle its operations.
The U.S. State Department has offered substantial rewards for information leading to the arrest or conviction of LockBit leadership and affiliates. Despite these challenges, law enforcement continues its efforts to disrupt LockBit’s operations and provide support to victims affected by the ransomware attacks.
