2 min read

Global Police Operation Disrupts Lockbit Ransomware Gang


February 20, 2024

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Global Police Operation Disrupts Lockbit Ransomware Gang

A global law enforcement operation led to the disruption of the notorious ransomware gang Lockbit’s website. Authorities have replaced the site’s homepage with a seizure notice festooned with the flags of 11 countries participating in the operation.

Lockbit Website Disrupted, Displays Seizure Notice

“This site is now under the control of the National Crime Agency of the UK, working in close cooperation with the FBI and the international law enforcement task force, ‘Operation Cronos’,” reads the seizure notice on the website. "We can confirm that Lockbit's services have been disrupted as a result of International Law Enforcement action — this is an ongoing and developing operation.”

Buffer Overflow Vulnerability Allegedly Exploited

According to vx-underground’s post on X, Lockbit ransomware group administrators claim that law enforcement agencies weaponized the CVE-2023-3824 vulnerability to compromise their website.

The allegedly exploited flaw is a buffer overflow vulnerability affecting PHP versions 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8 that could let an attacker trigger a memory corruption or run arbitrary code remotely on the compromised target.

More Details About the Operation Expected

The operation reportedly went beyond taking over the Lockbit gang’s website and displaying a seizure notice. However, more insight into its full scope has yet to be disclosed; according to the seizure notice, more details will be revealed at 11:30 GMT on Feb. 20.

Brief History of Lockbit

Lockbit is a dangerous ransomware gang operating on a ransomware-as-a-service (RaaS) model, notorious for indiscriminate, widespread attacks and significant ransom demands.

The cybercriminal syndicate has been involved in thousands of attacks worldwide, demanding hundreds of millions of dollars in ransom. In 2023 alone, Lockbit attempted to extort giant chipmaker TSMC, Boeing, and the Industrial and Commercial Bank of China (ICBC), the world’s biggest bank.

It also hit smaller targets, such as a school district in Illinois, for which the ransomware gang showed remorse, apologizing to the hacked school and offering a free decryption tool.

Staying Safe Against Lockbit, Ransomware, and Other Digital Threats

Ransomware operations like Lockbit have become a significant threat in the cybersecurity landscape, causing extensive harm to government organizations, businesses, but also individuals caught in the crossfire. The nefarious effects of such attacks are far-reaching and can spell disaster for all affected parties.

Fortunately, cyber hygiene and specialized software can curb threat actors’ attempts to compromise your data in ransomware attacks. Bitdefender Ultimate Security boasts a wide range of security modules that can safeguard your photos, documents, videos, and audio files against ransomware attacks. It can also deter other digital threats, including viruses, worms, spyware, Trojans, zero-day exploits, phishing attacks and rootkits.




Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.

View all posts

You might also like