Rejoice too soon: When international investigators confiscated the LockBit gang's infrastructure a month ago, they assumed a serious blow to the ransomware group. However, their head soon came back with a self-critical but aggressive statement and is now continuing his PR campaign. In an interview, he again described his view of the raid and his lofty plans for the future.
Advertisement
Of course, according to the criminal (or criminals) operating under the pseudonym LockBitSupp, the prosecutors' actions surprised him, but didn't do much harm to him. In a grandiose perpetrator-victim reversal, the cyber gangster even went so far as to say in the interview, conducted in Russian and via crypto messenger, that the raid led by British prosecutors was worse than a ransomware attack. He calls this a “subsequently paid penetration test” – typical of the euphemistic language used by online criminals.
In the interview, however, LockBitSupp admits that some of his partners, the so-called “affiliates”, became afraid and stopped working, but that does not affect him. He wants to continue the criminal activity until his death – or until he has successfully infected a million victims with ransomware.
Observers had suspected in recent weeks that LockBitSupp was pillorying older victims on its Darknet site in order to simulate activity. However, the gangsters have now fully resumed their work: the security service provider Cisco Talos has already observed eight new victims in Germany alone since February 20th.
Negotiation tactics and admission of guilt
In the case of one of the current victims, the US medical startup Crinetics Pharmaceuticals, the ransomware operator is now being particularly adamant. Because representatives of the pharmaceutical company had contacted the press contrary to his instructions, he refused before the public rejected the ransom offer of $1.8 million and is now threatening the listed company to publish all stolen data and denounce it to the SEC. The criminal stole the latter idea from the competition: AlphV had denounced a victim to the US Securities and Exchange Commission last November.
A Canadian-Russian accomplice of the LockBit gang has now pleaded guilty to the charges against him. The man was arrested red-handed in November 2022 in the province of Ontario while he was logged into the LockBit management interface. The investigators also found access data to a Bitcoin wallet with ransom money on the man. In addition to charges of computer fraud and vandalism, he also pleaded guilty to illegal weapons possession and was sentenced to four years in prison.
(cku)