LockBit hackers claim to have cracked the US Federal Reserve

News
By
published

Some are calling it a bluff

security
(Image credit: Shutterstock / binarydesign)

The LockBit cybercrime gang has claimed to have stolen an enormous database from the US Federal Reserve, which includes sensitive banking information about American citizens - but the claim is being met with suspicion.

Earlier this week, the infamous ransomware operator added the Fed on its data leak site, saying it had acquired an archive containing “33 terabytes of juicy banking information containing Americans’ banking secrets”. 

Furthermore, they said “You better hire another negotiator within 48 hours and fire this clinic idiot who values Americans’ bank secrecy at $50,000,'' suggesting that the negotiation is already underway, and that the group was offered $50,000 in exchange for the data.

Is LockBit bluffing?

It's not known how much money LockBit is asking for, in exchange for this “juicy banking information”, but LockBit is known for asking high seven figures for the archives. 

The deadline to reach an agreement is June 25 at 8:27 p.m. UTC (2:27 p.m. EDT), and so far, the Fed is keeping quiet, but other analysts - not so much. In fact, many believe that the post-Cronos LockBit is but a shadow of its former self and that the “theft” from the Fed is nothing more than a ruse to try and improve its standing in the hacking community. 

Cronos was a major international police operation that resulted in the seizure of LockBit’s infrastructure, the release of thousands of files and decryption keys, and the doxxing of some operators and affiliates. Since no arrests were made, LockBit resumed operations in roughly a week.

Now, multiple security researchers expressed their doubt at this attack being legitimate.

Dr. Ferhat Dikbiyik, chief research and intelligence officer at Black Kite, for example, described the group as being in a “state of desperation”, while Jason Baker, threat intelligence consultant at Guidepoint Security stressed that LockBit showed no proof of its claims. 

Via SiliconANGLE

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.