{"id":162823,"date":"2024-05-07T20:32:04","date_gmt":"2024-05-07T20:32:04","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=162823"},"modified":"2024-05-07T20:32:05","modified_gmt":"2024-05-07T20:32:05","slug":"lockbit-ransomware-admin-identified","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/162823\/cyber-crime\/lockbit-ransomware-admin-identified.html","title":{"rendered":"Law enforcement agencies identified LockBit ransomware admin and sanctioned him"},"content":{"rendered":"
<\/div>\n

The FBI, UK National Crime Agency, and Europol revealed the identity of the admin of the LockBit operation and sanctioned him.<\/h2>\n\n\n\n

The FBI, UK National Crime Agency, and Europol have unmasked the identity of the admin of the LockBit<\/a> ransomware operation, aka ‘LockBitSupp’ and ‘putinkrab’ , and issued sanctions against him. It was the first time that the admin of the notorious group was identified by law enforcement.<\/p>\n\n\n\n

The man is a Russian national named Dmitry Yuryevich Khoroshev (31) of Voronezh, Russia.<\/p>\n\n\n\n

“The sanctions against Russian national Dmitry Khoroshev (pictured), the administrator and developer of the LockBit ransomware group, are being announced today by the FCDO alongside the US Department of the Treasury\u2019s Office of Foreign Assets Control (OFAC) and the Australian Department of Foreign Affairs.” reads the press release<\/a> published by NCA.<\/em><\/p>\n\n\n\n

The NCA states that Khoroshev will now be subject to a series of asset freezes and travel bans.<\/p>\n\n\n\n

“Khoroshev, AKA LockBitSupp, who thrived on anonymity and offered a $10 million reward to anyone who could reveal his identity, will now be subject to a series of asset freezes and travel bans.”<\/em> continues the NCA.<\/gwmw><\/p>\n\n\n

\n
\"\"<\/a><\/figure><\/div>\n\n\n

According to the UK agency, data retrieved from the systems belonging to the ransomware gang revealed that from June 2022 to February 2024, the criminals gave orchestrated over 7,000 attacks. The most targeted countries included the US, UK, France, Germany, and China.<\/p>\n\n\n\n

LockBit operation targeted over 100 hospitals and healthcare companies, resulting in at least 2,110 victims. The NCA states that despite the group attempted to rebuild its operation, the international law enforcement operation<\/a> carried out in February severely impacted the gang’s activities.<\/p>\n\n\n\n

LockBit created a new leak site to inflate their apparent activity. Since the NCA’s intervention in February, LockBit attacks in the UK have decreased by 73%, with similar reductions reported in other countries. The investigation also provided insight into the group’s operations and network.<\/gwmw><\/p>\n\n\n\n

The NCA added that of the 194 affiliates identified as using LockBit\u2019s services up until February 2024:<\/p>\n\n\n\n