Global Law Enforcers Seek Trend Micro’s Help in Taking Down Top Ransomware Threat Group LockBit

HONG KONG SAR – Media OutReach Newswire – February 23, 2024 –
Trend Micro Incorporated (Start date: 4704; EST: 4704), a global leader in cybersecurity, today revealed its critical role in supporting its global law enforcement partners.
disrupt the LockBit mega-ransomware group, and kills the viability of its long-term anti-malware plans. Through covert infiltration, Trend helped prevent the group’s next malware products from being released and automatically installed protection for Trend Micro customers, even before the group itself completed its testing.

Robert McArdle, head of Trend Micro’s cybercrime research team and a collaborator with the Federal Bureau of Investigation (FBI) and the National Crime Agency (NCA), said: “We are honored to have our threat intelligence of unique value to global law enforcement in the shared domain. mission to make the world safer. »

This group was responsible for approximately 25%* of all ransomware leaks in 2023 and caused billions of dollars in losses to thousands of victims worldwide over the past four years.

McArdle continued: “Trending last week
secure global Microsoft users of critical vulnerability and this week we helped dethrone the world’s most critical threat actor group. Insiders are not naive enough to assume that this will eliminate the criminal group, but we know that no criminal in their right mind would want to be involved with this group again. »

Behind-the-scenes details are emerging and include seizure of cryptocurrencies, arrests, indictments, imposition of sanctions and additional technical support for victims. The operation took over the LockBit leak site, leaking information and personal identities of the group’s members as well as details of their previous work. These actions make the group undesirable and unreliable in the world of cybercrime – and therefore unviable as an underground business.

Ransomware is one of the most serious cyber threats organizations face today, known to disrupt schools, hospitals, governments and businesses and put critical national infrastructure at risk. All this while lining the pockets of a few small cybercrime groups: last year, victims paid
more than a billion dollars to these groups and their affiliates, a record number.

This work ultimately supported the following results:

• Trend provides its customers with early protection against LockBit-NG-Dev.

• Neutralizing a potentially prolific strain of ransomware, preventing its use in future businesses these actors may seek to run

• A law enforcement operation that will hopefully see the end of LockBit as we know it and set a new benchmark for international collaboration between law enforcement and private partners.

Even though LockBit was, without a doubt, the largest and most impactful Ransomware operation in the world, this disruption makes it very clear that all affiliated criminals should seriously reconsider any involvement with them in the future and that by associating with this organization, these associates put themselves at risk. increased risk of police action.

An upcoming blog will cover the results of Trend’s analysis of the next version of the LockBit ransomware malware which will be released by the NCA on Thursday and will be available here: https://www.trendmicro.com/en_hk/research/24/b/lockbit-attempts-to-stay-afloat-with-a-new-version.html