profile

Safe Not Scammed

Hackers Got Hacked

Published 2 months ago • 1 min read

Issue #4

Hackers Got Hacked

Ahoy there, fellow Netizens!

Prolific ransomware gang LockBit had a terrible week this week. Law enforcement from multiple counties turned the tables on the cybercriminals by hacking them, seizing their websites and servers. Police also shutdown thousands of third party accounts used by the gang and even arrested some of the hackers, significantly disrupting their criminal operations.

Who is LockBit?

LockBit is one of the most active ransomware gangs and has been around since the end of 2019. In 2023, the group publicly claimed a staggering 1,038 victims according to data from ecrime.ch. The gang has attacked hospitals, schools, and banks, as well as companies from many other sectors.

How does LockBit operate?

First, cybercriminals associated with the gang gain unauthorized access to an organization’s network. They then deploy malware that steals private data, such as customer and employee information, and also encrypts the organization’s files, making them inaccessible.

Next, the victim organization is instructed to contact LockBit to negotiate. If the organization pays a hefty ransom, LockBit hands over a decryptor to unlock the encrypted files and tells the organization that the stolen data will be deleted. If the organization refuses to pay, LockBit publishes the stolen data on its dark web leak site.

What did law enforcement do?

Law enforcement teams were able to hack into LockBit’s servers, potentially due to a vulnerability the cybercriminals neglected to patch. This allowed police to take control of the gang’s data leak site, which, rather poetically, they are now using to post updates on the take down operation.

One of these updates revealed that police have shutdown 14,000 LockBit affiliated accounts at cloud storage provider Mega and encrypted email providers Proton and Tuta. Those accounts were reportedly being used to steal data and formed part of the gang’s infrastructure.

Police have also arrested several cybercriminals allegedly associated with the ransomware gang. Two of those arrested turned out to be a father-son team!

All in all, this is great news. We can all breathe a little easier knowing LockBit won’t be attacking hospitals or stealing our personal data anytime soon.

Until next time, stay safe out there!

113 Cherry St #92768, Seattle, WA 98104-2205
Unsubscribe · Preferences

Safe Not Scammed

Rebecca Morris

Subscribe to my weekly newsletter to keep up with the latest hacks, scams and privacy violations, plus what you can do to protect yourself!

Read more from Safe Not Scammed

Issue #14 Vastaamo Hacker Sentenced Image made using Canva Ahoy there, fellow Netizens! Before getting to this week’s story, I have a quick announcement. Going forward, I’ll be sending this newsletter out once every two weeks instead of once every week. I hope you’ll continue to enjoy the newsletters, even though they’ll be a little less frequent! Now, let’s talk about Julius Kivimäki, a 26-year-old Finnish hacker who was sentenced to prison earlier this week for his attack on Finnish...

3 days ago • 1 min read

Issue #13 The Change Healthcare Ransomware Disaster Image made using Canva Ahoy there, fellow Netizens! This week let’s talk about the train wreck that is the Change Healthcare situation. If you haven’t heard, Change Healthcare suffered a ransomware attack back in February that caused disruption at hospitals and pharmacies around the country. As is common with ransomware attacks, the bad actors also stole data from the health tech giant. UnitedHealth Group, the company that owns Change...

10 days ago • 1 min read

Issue #12 Cybercriminals Offer $300 per SIM Swap Image made using Canva Ahoy there, fellow Netizens! This week, let’s talk about how cybercriminals are bribing employees of major cell carriers to carry out SIM swaps. What is a SIM swap? First, a bit of background. A SIM swap allows an attacker to steal your phone number. It happens when a cybercriminal convinces your cell carrier to transfer your number to their phone, meaning all your calls and texts go to them. If you receive 2-factor...

17 days ago • 1 min read
Share this post