The notorious ransomware group LockBit has claimed responsibility for hacking the Federal Reserve Bank and alleges it has stolen 33 terabytes of sensitive data. The group announced this in a post on the dark web, stating it would release the data on Tuesday if a ransom is not paid.
— HackManac (@H4ckManac) June 24, 2024
#CyberAttack
#USA: US Federal Reserve has been listed as a victim by the LockBit 3.0 ransomware group.
The hackers allegedly exfiltrated 33 TB of banking information.
Ransom deadline: 25th Jun 24.#Ransomware pic.twitter.com/JGC1YG7y4A
Background on LockBit
Just last month, the U.K.’s National Crime Agency revealed the alleged identity of LockBit’s leader, Dmitry Khoroshev, a Russian national. Following this revelation, Khoroshev has been sanctioned by the U.S., U.K., and Australia. The U.S. government has offered a $10 million reward for information leading to his arrest or conviction.
LockBit, despite facing significant law enforcement actions, continues to pose a threat in the cybersecurity landscape. The group’s latest claims, whether true or false, highlight the persistent danger ransomware organizations present to global financial institutions.
Details of the Alleged Breach
LockBit, which rose to prominence in 2019 by amassing millions of dollars in ransom payments, stated that it had been in negotiations with the bank. The group demanded a higher ransom and disparaged the current negotiator, describing him as a “clinical idiot” who valued Americans’ banking secrets at a mere $50,000.
Despite these claims, cybersecurity experts remain skeptical. Dominic Alvieri, a cybersecurity analyst, and researcher who frequently reports on ransomware groups, expressed doubts about the authenticity of LockBit’s allegations. Similarly, the malware sample hosting service vx_underground remarked humorously that if the Federal Reserve had indeed been compromised, it would warrant an extreme response, suggesting the claims might be exaggerated.
Expert Opinions
Brett Callow, a threat analyst at cybersecurity firm Emsisoft, also dismissed the claims as likely nonsense. He suggested that LockBit’s announcement might be a tactic to regain attention and reinvigorate its Ransomware-as-a-Service (RaaS) operations, which had suffered setbacks after their infrastructure was shut down by the FBI and other law enforcement agencies in February.
The situation remains uncertain, with answers expected soon as LockBit has threatened to release the data if the ransom is not paid by Tuesday.
How Can Netizen Help?
Netizen ensures that security gets built-in and not bolted-on. Providing advanced solutions to protect critical IT infrastructure such as the popular “CISO-as-a-Service” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.
We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.
Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.
Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.
Questions or concerns? Feel free to reach out to us any time –
https://www.netizen.net/contact
