Skip to content
Edit post

Police arrest 2 suspected affiliates of international cyber crime group Lockbit

by Elsa Court February 21, 2024 9:16 PM 3 min read
A photo of the operation to arrest two suspected of involvement in the international cybercriminal group Lockbit in Ternopil Oblast, Ukraine, on Feb. 21, 2024. (National Police of Ukraine)
This audio is created with AI assistance

Two men suspected of involvement in the international cybercriminal group Lockbit were arrested in Ternopil Oblast, Ukraine's National Police reported on Feb. 21.

The U.K.'s National Crime Agency (NCA) announced on Feb. 20 that it had taken control of Lockbit's services, allowing it to infiltrate the group's network. The NCA described Lockbit as the "world's most harmful cybercrime group," having targeted "thousands" of victims in ransomware attacks.

Lockbit carried out more than 3,000 cyberattacks in the U.S. and Europe between 2019 and 2024, resulting in losses of billions of euros, according to the National Police.

The two Ukrainian suspects were father and son, according to the National Police. The operation to arrest them was carried out with cyber specialists from the Security Service of Ukraine (SBU).

Mobile phones and computer equipment used to carry out cyber attacks were found during searches of their homes.

"As a result, more than 200 criminal-related cryptocurrency accounts were blocked and 34 servers in the Netherlands, Germany, Finland, France, Switzerland, Australia, the United States, and the United Kingdom were removed," the National Police said.

The men provided virus software to affiliates in Western Europe, who "encrypted victims' data, threatened them with information leaks, and demanded ransom."

SBU blocks surveillance cameras hacked by Russia to identify targets in Kyiv
The Security Service of Ukraine (SBU) said it dismantled two online surveillance cameras in Kyiv that Russia had hacked and used to record the city’s air defenses at work as well as the locations of critical infrastructure during a mass attack on Jan. 2.

If a ransom was received, the money was "distributed between the main team of Lockbit and affiliated persons, who received up to 75% of the criminal profits," according to the National Police.

The men's actions "affected individuals, enterprises, state institutions and health care institutions in France," the National Police said.

The Ukrainians, as well as a Polish national, were arrested "at the request of the French judicial authorities," Europol said.

Poland's Central Office for Combating Cybercrime also reported that a 38-year-old man had been arrested in Warsaw "in the presence of French gendarmerie officers and an analyst from Europol."

The U.S. "has also unsealed indictments against two further individuals, who are Russian nationals, for conspiring to commit Lockbit attacks," the NCA said.

The NCA said it worked closely with the Federal Bureau of Investigation (FBI) and international partners from nine other countries, under the coordination of Europol, to uncover Lockbit.

The NCA said it has "obtained over 1,000 decryption keys and will be contacting U.K.-based victims in the coming days and weeks to offer support and help them recover encrypted data."

Ukraine war latest: BBC reports Ukrainian HIMARS strike in occupied Donetsk Oblast kills dozens of Russian troops
Key updates on Feb. 21: * BBC reports Ukrainian HIMARS strike in occupied Donetsk Oblast kills dozens of Russian troops * Reuters: Iran supplies ‘hundreds of ballistic missiles’ to Russia * Russia used 2 Zircon hypersonic missiles in Feb. 7 attack, expert says * Report: North Korean missiles us…

News Feed

MORE NEWS

Editors' Picks

Enter your email to subscribe
Please, enter correct email address
Subscribe
* indicates required
* indicates required
Subscribe
* indicates required
* indicates required
Subscribe
* indicates required
Subscribe
* indicates required
Subscribe
* indicates required

Subscribe

* indicates required
Subscribe
* indicates required
Subscribe
* indicates required
Explaining Ukraine with Kate Tsurkan
* indicates required
Successfuly subscribed
Thank you for signing up for this newsletter. We’ve sent you a confirmation email.