InfoSecBulletin Cybersecurity for mankind
The UK, US, and Australia have imposed sanctions on the leader of the ransomware group LockBit, which is known worldwide.
Russian national Dmitry Khoroshev has been identified as a leader of a group involved in an international law enforcement investigation. The group has extorted over one billion dollars from victims worldwide, according to the Government.
BCSI BLOG POST
SonicWALL Vulnerability Traded; threating for Corporate network in Bangladesh
Banking trojan Grandoreiro targeting about 1,500 banks over 60 countries
Australian gov.t warns of ‘large-scale ransomware data breach’
Patch Now: CISA Warns of Actively Exploited D-Link Router Vulnerabilities
New “Antidot” Banking Trojan disguised Fake Google Play Updates
CISA Published Encrypted DNS Implementation Guidance
Cyble Research
Transparent Tribe & SideCopy: A Cyber Alliance Targeting India
Recordedfuture report
Hackers Exploit GitHub to Spread Malware targeting operating systems
ALERT
CISA issued Seventeen Industrial Control Systems Advisories
Intel released 41 Security Advisories Over 90 Vulnerabilities
As part of the sanctions, the Foreign Office said he would now be subject to a series of asset freezes and travel bans.
The UK’s sanctions minister, Anne-Marie Trevelyan says:
“In sanctioning one of the leaders of LockBit we are taking direct action against those who continue to threaten global security, while simultaneously exposing the malicious cyber-criminal activity emanating from Russia.”
The US Justice Department has revealed charges against Khoroshev in New Jersey.
Deputy Attorney General Lisa Monaco explains:
“Working with U.S. and international partners, we are using all our tools to hold ransomware actors accountable—and we continue to encourage victims to report cyberattacks to the FBI when they happen. Reporting an attack could make all the difference in preventing the next one.”
In February, the NCA reported that it had infiltrated the group’s network and taken control of its services, weakening the criminal organization. The group has tried to recover in the past 2 months, but the NCA believes that their operations are currently limited, and the global threat from LockBit has decreased.
The gang called LockBit was behind 25% of ransomware attacks worldwide last year. They targeted thousands of victims, including over 200 businesses in the UK, and made billions of dollars by stealing and using sensitive data.
Today’s measures will directly target a senior leader of the gang responsible for these atrocious attacks. Khoroshev will now be subject to a series of asset freezes and travel bans.
National Crime Agency Director General Graeme Biggar said:
These sanctions are an important moment in our fight against cyber criminals behind the LockBit ransomware group, which is now on its knees following our disruption earlier this year.
Cyber attacks have caused extensive damage to schools, hospitals, and major companies worldwide. These organizations have had to deal with the aftermath and repair the consequences of these devastating attacks.
Dmitry Khoroshev believed he was invincible and even offered $10 million to anyone who could expose him, but his recent actions prove otherwise. We are currently investigating LockBit and its partners, and together with our global allies, we will do our best to disrupt their activities and ensure public safety.
Eleanor Fairford, National Cyber Security Centre (NCSC) Deputy Director for Incident Management, said:
Ransomware attacks pose a massive threat to UK businesses and their impacts can be severe and long-lasting, disrupting operations and putting potentially sensitive data at risk.
Organizations must have strong online defenses to lower the risk of cyber attacks and protect sensitive information.
