The LockBit ransomware gang, known for its Russian connection, has just claimed to publish a huge cache file that it allegedly stole from the US Federal Reserve Central Banking System. LockBit published 21 different links that contain important files. These files seem to belong to the torrents, archived files, and parent directories of Evolve Bank and Trust. Here’s the catch- Evolve Bank and Trust was recently restricted for unethical and unsafe banking practices.
Last weekend, LockBit mentioned the Federal Reserve Bank in its dark victim blog. It claimed to have stolen “33 terabytes of juicy banking information containing Americans’ banking secrets.”
LockBit expressed its displeasure with the current negotiator for the Federal Reserve Bank and demanded another negotiator. Also, it threatened to go ahead and publish the data in case the ransom demand was not catered to.
Nothing worked out, and now Russia-based LockBit claims to have published vital banking details on the dark web.
What’s the Federal Reserve’s take on LockBit’s claim?
The Federal Reserve Bank spokesperson has not yet responded, and any confirmation is being awaited. Meanwhile, relevant authorities have already started investigating the matter, and a full-fledged investigation is underway.
LockBit went ahead and attached the Federal Reserve’s press release as proof. Josh Jacobson, a well-known name in the cybersecurity industry, feels that the ransomware attack by LockBit is a staunch reminder of how even the US government entities are not completely safe from the grip of threat actors.
Josh feels that in case LockBit is telling the truth, then this ransomware attack is going to have severe repercussions across the world.
More details on Evolve Bank And Trust
Both Evolve Bank and Trust as well as its parent company- Evolve Bancorp Inc. have been restricted by the Federal Reserve Bank. They have been ordered to stop operating because of their inability to comply with certain areas of significance, such as risk management, consumer support, and anti-money laundering systems.
This Memphis-based Banking-as-a-Service provider caters to the financial needs of both small businesses and individuals across 17 different states in the US. Besides, it is renowned for its open banking partnership with fintech platforms such as Melio, Visa, Affirm, Mastercard, Airwallex, and Stripe. It has assets worth 1.3 billion (last updated in the year 2022).
What if LockBit is bluffing?
A lot of security experts are calling out LockBit’s claim as pure nonsense. They believe LockBit is playing a bluff. What they feel is that LockBit is in vengeance mode because of the US law enforcement’s tight grip over the Russia-linked ransomware group.
Few experts have indicated the possibility of LockBit trying to create ‘impact and urgency’ through its false claims and that it is trying to switch on the victim’s “fight or flight” mode. Uncertainty and perplexity further can move the needles in favor of the attacker. Basically, they are playing with the psychology of the US authority as of now.
Security professionals firmly believe LockBit’s announcement to be a hoax because the ransomware group has done this earlier as well. It had once called out the FBI as its victim too, in sheer frustration after the the top investigating agency took the group down temporarily back in February 2024. This time, the claims simply may be an attention-seeking game or a trick to climb high in the notoriety rank.
A sneak peek into the ransomware group called LockBit!
LockBit debuted in the world of cybercrimes back in 2019 introducing a new threat that emphasized the need for phishing protection. Since then, it has been operating as a Ransomware-as-a-Service model. It has impacted the global cyber security arena and has so far conducted 1400+ attacks across the US, Europe, Asia, and Africa.
However, this spring, the FBI and INTERPOL carried out an operation that penetrated LockBit’s core network infrastructure. The premiere agencies even left a taunting notice on their home page. The FBI even cracked its Russian connection and busted the Russian ringleader LockBitSupp. It went too close and gained access to his personal details, including how he actually looks and which car he drives.
Image sourced from armourzero.medium.com
LockBit, however, kept working without any hiccups and soon targeted a couple of US-based hospitals as a way to retaliate.
At present, LockBit is operating as LockBit Black or LockBit 3.0, which is by far one of the most intrusive and dangerous versions of the ransomware group. Some of the most notable attacks in the last 1 year include the attacks on Allen and Overy, The Boeing Company, Cannes Hospital, Deutsche Telecom, and so on.
LockBit is currently one of the biggest concerns for the US cybersecurity department. Along with the US Federal Reserve Bank authorities and other security experts, it is trying its best to stop this ransomware group.