The LockBit cybercrime gang has claimed to have stolen an enormous database from the US Federal Reserve, which includes sensitive banking information about American citizens - but the claim is being met with suspicion.
Earlier this week, the infamous ransomware operator added the Fed on its data leak site, saying it had acquired an archive containing “33 terabytes of juicy banking information containing Americans’ banking secrets”.
Furthermore, they said “You better hire another negotiator within 48 hours and fire this clinic idiot who values Americans’ bank secrecy at $50,000,'' suggesting that the negotiation is already underway, and that the group was offered $50,000 in exchange for the data.
Is LockBit bluffing?
It's not known how much money LockBit is asking for, in exchange for this “juicy banking information”, but LockBit is known for asking high seven figures for the archives.
The deadline to reach an agreement is June 25 at 8:27 p.m. UTC (2:27 p.m. EDT), and so far, the Fed is keeping quiet, but other analysts - not so much. In fact, many believe that the post-Cronos LockBit is but a shadow of its former self and that the “theft” from the Fed is nothing more than a ruse to try and improve its standing in the hacking community.
Cronos was a major international police operation that resulted in the seizure of LockBit’s infrastructure, the release of thousands of files and decryption keys, and the doxxing of some operators and affiliates. Since no arrests were made, LockBit resumed operations in roughly a week.
Now, multiple security researchers expressed their doubt at this attack being legitimate.
Dr. Ferhat Dikbiyik, chief research and intelligence officer at Black Kite, for example, described the group as being in a “state of desperation”, while Jason Baker, threat intelligence consultant at Guidepoint Security stressed that LockBit showed no proof of its claims.
Via SiliconANGLE
More from TechRadar Pro
- Never assume the end of an attack infrastructure
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now