Connect with us

Hi, what are you looking for?


LockBit extorted billions of dollars from victims, fresh leaks suggest

Recent findings have shed light on the possible financial scale of the LockBit ransomware group, suggesting they might have accumulated more than $1 billion in ransom payments over their four-year existence. The latest disclosures, posted on LockBit’s blog now managed by Operation Cronos, offer insights into the group’s financial operations. Analysis of 30,000 cryptocurrency addresses obtained after seizing LockBit’s systems revealed holdings totaling about £100 million ($126.6 million), with a significant portion, approximately £90 million ($114 million), still untouched. Typically, LockBit takes a cut of around 20 percent from the ransom fee, while the rest goes to the affiliate who conducted the attack. However, experts believe that the actual amount extorted from victims could be much higher, potentially reaching hundreds of millions of dollars, based on assessments from the South West Regional Organised Crime Unit and Chainalysis.

Although the analysis only covers an 18-month period from July 2022 to February 2024, LockBit operated for roughly four and a half years before being shut down. Considering the current average ransom demand of $1.5 million, the total extorted amount could indeed be in the billions. While the exact percentage of ransomware victims who comply with payment demands varies, LockBit’s impact on victims globally is significant, with over 2,000 confirmed attacks reported. This substantial figure underscores LockBit’s financial success, surpassing previous estimates.

Authorities, led by the UK’s National Crime Agency (NCA) with support from the South West Regional Organised Crime Unit and Chainalysis, are continuing to track and monitor thousands of cryptocurrency addresses associated with LockBit. Additionally, efforts are underway to restrict access to exposed exchange accounts, with significant amounts of crypto assets already seized.

The exposure of LockBit’s financial operations marks the culmination of a week-long effort by Operation Cronos, which seized control of LockBit’s leak site earlier in the week. The transformation of the once secretive operation into a platform for exposés has garnered attention from the cybersecurity community, highlighting concerted efforts to dismantle one of the most prolific ransomware groups to date.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like


Apple is gearing up for a significant refresh of its iPad lineup in 2024, starting with the anticipated launch of the iPad Pro in...


Microsoft Teams had a major hiccup on Friday, causing disruptions and various issues for users. The problem started around 11 a.m. EST and quickly...


JetBlue Airways is considering pulling out of its $3.8 billion acquisition of Spirit Airlines following a federal judge’s blockage of the deal in response...


Tesla is pulling back nearly 200,000 cars in the U.S. over a glitch with the backup camera not kicking in when the car’s in...