Authorities identify, sanction LockBit ransomware ringleader

/in


In a series of indictments and sanctions, authorities from the U.S., U.K. and Australia publicly identified the ringleader of the notorious LockBit ransomware gang known as “LockBitSupp.”

The U.S. Department of Justice (DOJ) unsealed a 26-count criminal indictment against Russian national Dimitry Yuryevich Khoroshev, 31, on Tuesday for allegedly developing the ransomware code and running the ransomware-as-a-service (RaaS) operation since LockBit’s inception in 2019. Additionally, the U.S. Treasury Department’s Office of Foreign Assets Control; the U.K’s Foreign, Commonwealth & Development Office; and Australia’s Department of Foreign Affairs and Trade imposed sanctions on Khoroshev.

The identity of the LockBitSupp administrator persona was a mystery until recently. In February, a joint law enforcement operation dubbed “Operation Cronos,” led by the U.K.’s National Crime Agency, disrupted LockBit’s network and seized the gang’s dark web sites, infrastructure, source code and encryption keys. Following the takedown, authorities used the seized domains to essentially troll the gang’s members by posting information about the possible identity of LockBitSupp, though they stopped short of naming the individual.

LockBit was far and away the most prolific ransomware gang on the threat landscape in recent years, according to research from various cybersecurity companies. As LockBit’s alleged ringleader, Khoroshev typically received a 20% share of each ransom payment made by victims, according to the DOJ. Authorities said LockBit racked up more than 2,500 victims since 2019 and extorted them for at least $500 million in ransom payments, with Khoroshev allegedly pocketing $100 million alone.

“Today’s indictment of LockBit developer and operator Dimitry Yuryevich Khoroshev continues the FBI’s ongoing disruption of the LockBit criminal ecosystem,” FBI director Christopher Wray said in the DOJ announcement. “The LockBit ransomware group represented one of the most prolific ransomware variants across the globe, causing billions of dollars in losses and wreaking havoc on critical infrastructure, including schools and hospitals. The charges announced today reflect the FBI’s unyielding commitment…

Source…