LockBit Claims Stealing 33TB Banking Information From the US Federal Reserve, Claims Proven False
Earlier this week, the notorious ransomware group LockBit claimed it had stolen 33 terabytes of sensitive banking information from the US Federal Reserve. However, the claims have now been proven false. Learn more about the incident.
- Earlier this week, the notorious ransomware group LockBit claimed it had stolen 33 terabytes of sensitive banking information from the US Federal Reserve.
- It has now been proven that the data belonged to an individual financial institution, not the Fed.
Earlier this week, LockBit, the notorious ransomware group, claimed that it had stolen 33 terabytes of sensitive banking information and “banking secrets” belonging to Americans from the US Federal Reserve. The group further threatened the Federal Reserve to pay the ransom by June 25, without which it would leak the data. It also demanded the US central banking system replace the negotiator who offered the group $50,000 not to leak the data, calling the person a “clinical idiot,” giving a sense that the Fed was indeed negotiating with the notorious group.
While the Fed did not comment then, security experts doubted the legitimacy of the claims of the Russia-linked group. While some said the group gave no proof of its claims, a few others opined that the group was just using an attention-grabbing tactic after Operation Cronos. A few others believed the “juicy data” belonged to an individual US financial institution.
See more: Medusa Malware Variants Hit Android Devices in Multiple Countries
LockBit’s Claims Quashed
Eventually, the ransomware group leaked the stolen data on its site to prove its claim. However, it has now been proved that the stolen data belonged to Evolve Bank & Trust, not the US Federal Reserve. The financial institution, too, confirmed this in a statement on its site.
Speaking to BleepingComputer, an Evolve spokesperson said, “Evolve is currently investigating a cybersecurity incident involving a known cybercriminal organization. It appears these bad actors have released illegally obtained data, on the dark web.” The spokesperson said, “We take this matter extremely seriously and are working tirelessly to address the situation. Evolve has engaged the appropriate law enforcement authorities to aid in our investigation and response efforts. This incident has been contained, and there is no ongoing threat.”
Andrew Costis, chapter lead of the Adversary Research Team at AttackIQ, told Spiceworks News & Insights, “As it turns out, it was, in fact, Evolve Bank & Trust who was the victim of LockBit, and not the Federal Reserve. This was verified once the information was posted and the data was analyzed. It’s concerning that a bank has fallen victim to LockBit this time, particularly the fact that 33 TB of data was successfully exfiltrated. It’s unclear whether LockBit deliberately lied/bluffed about attacking the Federal Reserve or if that was a mistake on their side.”
While the tall claims of the LockBit ransomware may be false, it is indeed a major attack on an American financial institution. So, what can financial institutions do? According to Costis, “Organizations in the financial industry must prioritize proactive defense, with a strong focus on threat detection and response. By utilizing LockBit’s common tactics, techniques, and procedures (TTPs), organizations can test their systems response to identify and address any vulnerabilities before they can be exploited.”
LockBit has not yet released any statement regarding its claims being proved false.
MORE ON SECURITY
