MainNews -

Ukrainian police crack down on transnational hacker group LockBit

A father and son hacker was exposed in Ternopil.

Ukrainian police crack down on transnational hacker group LockBit
Photo: Telegram/Prosecutor-General's Office

Ukraine has shut down the activities of the transnational criminal hacker group LockBit, which attacked large businesses around the world. The hackers used a virus that encrypted company data and demanded huge ransoms for decryption.

Since 2019, LockBit has carried out more than 3,000 cyberattacks on the infrastructure of various companies in Europe and the United States. It is considered the most "reputable" hacker group among blackmailers in the world, according to the Prosecutor-General's Office and the National Police.

"The hackers provided their malware and infrastructure as a service to affiliates in Western Europe, who encrypted the victim's data, threatened them with information leaks and demanded a ransom. Having received the funds, they distributed them between the main LockBit team and affiliates, who received up to 75% of the criminal profit," the police said.

In Ukraine, the criminals were represented by a father and son, whose actions affected individuals, businesses, government agencies and healthcare facilities in France.

"The National Police investigators conducted a number of searches at the hackers' residences in Ternopil, during which they seized mobile phones and computer equipment used in the illegal activity. As a result, more than 200 cryptocurrency accounts related to criminal activity were blocked and 34 servers in the Netherlands, Germany, Finland, France, Switzerland, Australia, the United States and the United Kingdom were deleted. This made it possible to block the activities of the main hacker platform and other criminal critical infrastructure," the law enforcement officers added.

· LockBit may be linked to Russian hackers. Russians were part of this hacker group.

· The other day, a coalition of special services managed to take control of the Lockbit website, which posted the message. The operation is ongoing, with the hackers themselves claiming to have backup servers from which they intend to continue their activities.

· Among those attacked by LockBit hackers was the Royal Mail of the United Kingdom.

Read news on social networks Facebook, Twitter and Telegram