Connect with us

News desk

‘World’s most harmful’: What is the LockBit cybercrime gang?

Published

on

The number of ransomware attacks has exploded around the world in recent years
Share this:

An international law enforcement operation has taken down dozens of servers and disrupted LockBit, “the world’s most harmful cyber crime group” according to British authorities.

LockBit and its affiliates caused billions of dollars in damage and extracted tens of millions in ransom from their victims. Their targets have included banks, mail services and even a children’s hospital.

How does LockBit operate?

Rather than conduct an entire criminal operation itself, LockBit developed the malicious software — “ransomware” — that enables attackers to lock victims out of their computers and networks.

Victims were then told to pay ransom in cryptocurrency in exchange for regaining access to their data. Those who did not pay risked having their data dumped on the dark web.

The “LockBit” ransomware was first observed in 2020, and made money through up-front payments and subscription fees for the software, or from a cut of the ransom, according to the US Cybersecurity & Infrastructure Security Agency (CISA).

The model is known as “Ransomware as a Service”, or RaaS.

LockBit usually conducted itself as a professional enterprise, seeking feedback from customers — called “affiliates” — and rolling out ransomware improvements.

“LockBit operates like a business. They run — or ran — a tight ship, which has enabled them to outlast many other ransomware operations,” Brett Callow, a threat analyst at the cybersecurity firm Emsisoft, told AFP.

LockBit is believed to have operated out of multiple locations, and cybersecurity experts say its members were Russian speakers.

How lucrative is ransomware?

In 2023, extortions by ransomware groups exceeded $1 billion in cryptocurrency for the first time, according to data published this month by blockchain firm Chainalysis.

LockBit has targeted more than 2,000 victims worldwide, receiving more than $120 million in ransom, the US Department of Justice said Tuesday.

These potentially huge payouts have emboldened cybercriminals.

“Awash with money, the ransomware ecosystem surged in 2023 and continued to evolve its tactics,” the cybersecurity firm MalwareBytes said in a report published this month.

“The number of known attacks increased 68 percent, average ransom demands climbed precipitously, and the largest ransom demand of the year was a staggering $80 million.”

That demand came after a LockBit attack severely disrupted Britain’s post operator Royal Mail for weeks.

Who are LockBit’s victims?

LockBit ransomware has been used against a wide variety of targets, from small businesses and individuals to huge corporations.

It was used “for more than twice as many attacks as its nearest competitor in 2023”, according to MalwareBytes.

The group has gained notoriety and attention from law enforcement agencies after high-profile attacks such as the one on Royal Mail.

Last November, it was blamed for an attack on the US arm of the Industrial and Commercial Bank of China (ICBC) — one of the biggest financial institutions in the world — as well as US aerospace giant Boeing.

In 2022, a LockBit affiliate attacked the Hospital for Sick Children in Toronto, Canada, disrupting lab and imaging results. LockBit reportedly apologised for that attack.

“Although LockBit developers have created rules stipulating that their ransomware will not be used against critical infrastructure, it is clear that LockBit affiliates largely disregard these rules,” Stacey Cook, an analyst at the cybersecurity firm Dragos, wrote in a report published last year.

“LockBit developers do not appear to be overly concerned with holding their affiliates accountable.”

Who is fighting back, and how?

LockBit’s growing visibility and its affiliates’ increasing attacks meant law enforcement agencies ramped up their efforts to win this cat-and-mouse game.

An alliance of agencies from 10 nations, led by Britain’s National Crime Agency, on Tuesday said they had disrupted LockBit at “every level” in an effort codenamed “Operation Cronos”.

Europol said 34 servers in Europe, Australia, the United States and Britain were taken down and 200 Lockbit-linked cryptocurrency accounts were frozen.

The NCA said the action had compromised LockBit’s “entire criminal enterprise”.

“This likely spells the end of LockBit as a brand. The operation has been compromised and other cybercriminals will not want to do business with them,” Emsisoft’s Callow told AFP.

But in recent years, cybersecurity experts have detected ransomware groups that suspended operations following law enforcement action only to re-emerge under different names.

“Our work does not stop here. LockBit may seek to rebuild their criminal enterprise,” NCA Director General Graeme Biggar said in a statement.

“However, we know who they are, and how they operate. We are tenacious and we will not stop in our efforts to target this group and anyone associated with them.”

Share this:

News desk

Meta ‘supreme court’ takes on cases of deepfake porn

Published

on

By

Meta's independent oversight board can make recommendations regarding the social media giant's deepfake porn policies but it is up to the tech firm to actually make any changes
Share this:

Meta’s oversight board said Tuesday it is scrutinizing the social media titan’s deepfake porn policies, through the lens of two cases.

The move by what is referred to as a Meta “supreme court” for content moderation disputes comes just months after the widespread sharing of lewd AI-generated images of megastar Taylor Swift on X, formerly Twitter.

The Meta board picked its two cases, regarding images shared on Instagram and Facebook, to “assess whether Meta’s policies and its enforcement practices are effective at addressing explicit AI-generated imagery,” it said in the release.

The board can make recommendations regarding the social media giant’s deepfake porn policies but it is up to the tech firm to actually make any changes.

The first case taken up by the Meta Oversight Board involves an AI-generated image of a nude woman posted on Instagram.

The woman pictured resembled a public figure in India, sparking complaints from users in that country.

Meta left the image up, later saying it did so in error, the board said.

The second case involves a picture posted to a Facebook group devoted to AI creations.

That image depicted a nude woman resembling “an American public figure” with a man groping one of her breasts, the board said in a release.

The board did not name the woman, who it said was identified in a caption on the synthetic image at issue.

Meta removed the image for violating its harassment policy, and the user who posted the content appealed the decision, according to the board.

People were invited to submit comment, particularly on the gravity of harms posed by deepfake pornography and the harm it does to women who are public figures.

Deepfake porn images of celebrities are not new, but activists and regulators are worried that easy-to-use tools employing generative AI will create an uncontrollable flood of toxic or harmful content.

The targeting of Swift, one of the world’s top-streamed artists whose latest concert tour propelled her to the top of American fame, shined a spotlight on the phenomenon, with her legions of fans outraged at the development.

“It is alarming,” said White House Press Secretary Karine Jean-Pierre, when asked about the images at the time.

“Sadly we know that lack of enforcement (by the tech platforms) disproportionately impacts women and they also impact girls who are the overwhelming targets of online harassment,” Jean-Pierre added.

Share this:
Continue Reading

News desk

Samsung returns to top of the smartphone market: industry tracker

Published

on

By

Smartphone market tracker International Data Corporation expects Samsung and Apple will continue to dominate when it comes to high-end smartphones but that pressure will increase from Chinese rivals making more budget priced handsets
Share this:

Samsung regained its position as the top smartphone seller, wresting back the lead from Apple as Chinese rivals close the gap on both market leaders, industry tracker International Data Corporation (IDC) reported Monday.

South Korea-based Samsung overtook Apple as worldwide smartphone shipments grew nearly 8 percent in the first quarter of this year to 289.4 million, IDC said, citing its preliminary data.

It was the third consecutive quarter of growth in the global smartphone market, signalling that a recovery from a slump in the sector is underway, according to IDC.

IDC Worldwide Mobility and Consumer Device Trackers team vice president Ryan Reith expected top smartphone companies to gain share and small brands to struggle for position as recovery progresses.

Samsung shipped 60.1 million smartphones in the first quarter of this year, claiming nearly 21 percent of the market, according to IDC figures.

Apple shipped 50.1 million iPhones, garnering just over 17 percent of the market in the same period, IDC reported.

Apple smartphone shipments were down 9.6 percent in a quarter-over-quarter comparison, while Samsung shipments slipped less than one percent, according to the market tracker.

Meanwhile, China-based Xiaomi saw shipments grow about 33 percent to 40.8 million and Transsion about 85 percent to 28.5 million, taking third and fourth positions in the overall smartphone market, IDC reported.

“While Apple managed to capture the top spot at the end of 2023, Samsung successfully reasserted itself as the leading smartphone provider in the first quarter,” Reith said.

IDC expects Samsung and Apple to maintain their hold on the high end of the smartphone market while Chinese competitors seek to expand sales, according to Reith.

Nabila Popal, research director with IDC’s Worldwide Tracker team, said: “There is a shift in power among the Top 5 companies, which will likely continue as market players adjust their strategies in a post-recovery world.

“Xiaomi is coming back strong from the large declines experienced over the past two years and Transsion is becoming a stable presence in the Top 5 with aggressive growth in international markets.”

Share this:
Continue Reading

News desk

Hong Kong conditionally approves first bitcoin and ether ETFs

Published

on

By

Hong Kong's securities regulator granted conditional approval for city's first spot-bitcoin and ether exchange traded funds
Share this:

Hong Kong’s securities regulator on Monday granted conditional approval to start the city’s first spot-bitcoin and ether exchange-traded funds (ETFs), firms involved said, positioning it as a leader in Asia for the use of cryptocurrencies as investment tools.

ChinaAMC (HK), the city’s unit of China Asset Management, said in a statement it had received regulatory approval from Hong Kong’s Securities and Futures Commission of Hong Kong (SFC) for the provision of virtual asset management services.

The company is “actively deploying resources in the development of spot Bitcoin ETF and spot Ethereum ETF”, it said. 

This will be done in partnership with BOCI-Prudential Trustee Limited, a joint venture of the fund management arm of Bank of China (HK) and the British multinational insurance firm.

Two other fund managers — the Hong Kong units of Harvest Fund Management and Bosera Asset Management — also said they had received conditional approvals from the SFC, Bloomberg reported.

The SFC declined to comment on individual applications.

OSL Digital Securities will provide custody services to China AMC and Harvest to ensure trading safety, the licensed digital assets platform announced Monday. 

“This collaboration marks a critical advancement in the financial landscape of the region, heralding a new chapter in digital asset investments,” OSL said in a statement. 

Hong Kong has been trying to edge ahead as a regional digital asset hub as its international financial centre status has been dented by political turmoil in recent years and China’s economic downturn.

The latest move came three months after the United States gave the green light to ETFs pegged to bitcoin’s spot price, making it easier for mainstream investors to add the unit to their portfolio.

Hong Kong is also widely considered an experimental field for including cryptocurrencies as mainstream investment tools — which are banned in mainland China.

“The financial hub is looking to establish itself as a competitor in the space competing with Dubai and Singapore as regulators open up crypto markets to institutional demand,” said James Harte, an analyst from Tickmill. 

He added that Bitcoin futures were down “around 7 percent at the lows of the day before sentiment reversed on” Hong Kong’s news. 

Last December, the city’s SFC said it was ready to allow retail investors to buy funds that are 100 percent invested in some of the digital assets, triggering the first wave of applications from fund managers. 

Share this:
Continue Reading

Featured