A website run by a criminal gang to distribute ransomware for use in cyber attacks has been taken over by law enforcement.

The site, belonging to the group LockBit, was overlaid with a message on Monday evening saying it was “now under the control of law enforcement”.

The message said the website was under the control of the UK’s National Crime Agency “working in close cooperation with the FBI and the international law enforcement task force, Operation Cronos”.

It says it is an “ongoing and developing operation” that also involves agencies from Germany, France, Japan, Australia, New Zealand and Canada, among others, including Europol.

The message added that the law enforcement agencies involved in the operation would provide more information later on Tuesday.

The site had been used by LockBit to sell services, including ransomware, to hackers which would allow them to breach people’s computer networks.

The group is believed to have been behind a number of high profile cyber attacks in recent years, including one on Royal Mail last year.

Ransomware is a form of malware which encrypts data and files inside a system and demands a ransom be paid in order to release them.

Computer
A computer user at work (Adam Peck/PA)

The National Cyber Security Centre (NCSC) has previously warned that ransomware remains one of the biggest cyber threats facing the UK, and urges people and organisations not to pay ransoms if they are targeted.

Chester Wisniewski, director, global field CTO at cybersecurity firm Sophos said the operation was a “huge win” for law enforcement, but warned that it was unlikely to have fully disrupted LockBit.

“Lockbit rose to be the most prolific ransomware group since Conti departed the scene in mid-2022.

“The frequency of their attacks, combined with having no limits to what type of infrastructure they cripple has also made them the most destructive in recent years,” he said.

“Anything that disrupts their operations and sows distrust amongst their affiliates and suppliers is a huge win for law enforcement.

“We shouldn’t celebrate too soon though.

“Much of their infrastructure is still online, which likely means it is outside the grasp of the police and the criminals have not been reported to have been apprehended.

“Even if we don’t always get a complete victory, imposing disruption, fuelling their fear of getting caught and increasing the friction of operating their criminal syndicate is still a win.

“We must continue to band together to raise their costs ever higher until we can put all of them where they belong, in jail.”