- Marijan Hassan - Tech Journalist
LockBit’s leader gives rare interview after recent takedown of the ransomware group
On February 19, 2024, the cybersecurity world woke up to the great news that authorities had taken down the notorious LockBit ransomware group. The operation was a joint effort involving the U.K.’s National Crime Agency, the FBI, Europol, and several international police agencies.
Even more interesting, the authorities did not just take down the group’s website but also their hacking tools, cryptocurrency accounts, and source code ending. Essentially, the group would need to start from scratch to get back on the scene.
Now, almost a month after the takedown, the group's leader who goes by the name LockBitSupp granted an exclusive interview to Click Up podcast where he talked about the future of the group.
According to the man, it’s not the end of the group. If anything they’re coming out stronger. LockBitSupp says that the takedown only served to make the group more popular – ”An opportunity to show everyone my strength of character.”
LockBitSupp, believed to be Russian, says he was impressed by the method used by authorities to get into the group’s system, but notes he’s to blame because he became complacent.
He’s urging the FBI to hack them more often to keep him on his toes.
Asked how it feels to be on the other side of the gun, unable to access his systems like his victims, LockBitSupp justified the group’s deeds by saying they give their victims a chance to recover.
“This is different from what we do because they were not giving me a chance to recover. Our business is very different from this. We do post-payment penetration testing, and we return the systems to their original state after paying the ransom,” he said.
“But some data you were supposed to destroy after payment was apparently found on your platform. Tell us about that,” the interviewer prodded LockBitSupp further.
The cybercriminal dismissed the news as an elaborate scheme by the FBI to ruin his reputation, daring them to produce at least one piece of evidence that he had retained data on his database even after the ransom had been paid.
On how the takedown has affected business, LockBitSupp said some partners had gotten scared, but these were mostly those that didn’t know how to discreetly hide their cybercrime loot. But this was not something he was worried about because he still had partners who trusted him and admired his resilience.
Asked about his take on other ransomware groups and if they could rise to take his place, LockBitSupp said they could try but they didn’t stand a chance.
“Previously, the only worthy competitor as I saw it was AlphV/BlackCat. But now they are gone, and so now I don’t see a single worthy competitor,” he said.
LockBitSupp has vowed to continue his hacking activities until he dies and admitted that his goal in life is to hit one million companies and for LockBit to make history as the most destructive affiliate program.
The group first came to light in 2019 and has been attributed to nearly 2,300 attacks since then. In comparison, Conti — the second most active group — has only been publicly linked to 883 attacks.
The interview was conducted over an encrypted messaging app and translated from Russian.
Comments