Fulton County and Security Experts Dispute LockBit’s Claims – Krebs on Security

LockBit, a notorious ransomware group, issued a warning to officials in Fulton County, Ga., threatening to release the county's internal documents online unless a ransom was paid. The county was listed as a victim on LockBit’s website on Feb. 13, with the group claiming to have stolen files during a breach the previous month. The attack caused disruptions to the county’s phones, Internet access, and court system.

In a bid to pressure the county into paying the ransom, LockBit leaked a small number of sensitive files as a teaser, including sealed court records from criminal trials. However, on Feb. 16, Fulton County’s listing and the countdown timer for data publication were suddenly removed from LockBit’s website without explanation. The leader of LockBit later claimed that this was due to last-minute negotiations with county officials.

Despite LockBit’s claims of receiving payment from Fulton County, the county’s officials vehemently denied making any payments. The FBI and the U.K.’s National Crime Agency then took over LockBit’s online infrastructure on Feb. 19, replacing its homepage with a seizure notice and decryption tools for victims.

Following this seizure, LockBit resurfaced with new domains on the dark web, listing Fulton County and several other victims whose data it threatened to leak if no ransom was paid. The group set a deadline for Fulton County’s data to be published, moving it forward to the morning of Feb. 29. However, as the countdown reached zero, Fulton County’s listing vanished from LockBit’s website.

LockBit’s spokesperson, known as “LockBitSupp,” claimed that Fulton County had paid the ransom, citing the deletion of the county's data as proof. County officials refuted these claims, stating that they were not aware of any data being released. Security experts, including threat analyst Brett Callow from Emsisoft, believe that LockBit likely lost the victim data before the seizure and has been attempting to save face within the cybercrime community.

RedSense, another security firm, pointed out inconsistencies in LockBit’s recent activities, including the removal of previously listed victim profiles and the publication of new ones. They expressed skepticism about the authenticity of these claims and urged LockBit to stop defrauding victims.

Despite the attempts by LockBit to maintain credibility among its affiliates, experts like Callow remain skeptical. They caution against working with a group that has been compromised to such a significant extent. The saga involving Fulton County and LockBit serves as a reminder of the high-stakes game played by ransomware groups and the potential consequences for their victims.
