TL;DR: The search intensifies for a leading figure of the infamous LockBit ransomware group, suspected by the FBI and National Crime Agency (NCA) to be in Russia. They’ve frozen his assets and placed him on a no-fly list, with a $10 million reward for information leading to his capture and conviction.
An international task force, dubbed Operation Cronos, recently mocked LockBit by duplicating its website, signaling a broader crackdown led by the FBI and NCA. They hinted at a major revelation, which materialized as the identification of Dmitry Khoroshev from Kaliningrad, Russia, as a key player in the LockBit operations.
The NCA has outed Khoroshev as LockBitSupp, tying him to the Kaliningrad hideout and placing a $10 million bounty on him. He faces 26 charges in the US related to computer fraud, with his criminal endeavors netting over $100 million. The sanctions applied against him by the US, UK, and Australia underscore the global effort to curtail his activities.
“These sanctions are a testament to the global reach of law enforcement against cybercriminals like Dmitry Khoroshev,” remarked NCA Director General Graeme Biggar. “He underestimated our resolve to track him down.”
Cronos also shared insights into LockBit’s workings from their February operation.
Despite LockBit’s quick bounce-back after a disruption, the collective efforts of law enforcement have significantly weakened their operations. “Our actions have dealt a significant blow to LockBit, diminishing both their capabilities and their standing in the criminal world,” asserts Biggar. “We remain committed to bringing them to justice.”
Despite only being active for five years, LockBit is believed to have conducted a billion dollars in illegal transactions, targeting over 1,700 US businesses. High-profile attacks include breaches at Boeing, the financial services group ION, and a disruption of US Treasury securities through an attack on the Industrial and Commercial Bank of China.
Image credit: Richard Patterson