The LockBit cybercrime gang is notorious for stealing data from victims and companies and extorting them
THE Trend Micro, a world leader in cybersecurity solutions, was part of the operation coordinated by international federal agencies to dismantle the LockBit ransomware megagroup. Through secret infiltration, Trend managed to prevent the launch of the group's new products and automatically installed protection for its customers, even before the group itself had finished testing.
Lockbit was responsible for approximately 25%* of ransomware cases in 2023, causing billions of dollars in losses to thousands of victims worldwide over the past four years. Ransomware is one of the most serious cyber threats faced by organizations, feared to disrupt the operations of companies and governments by putting national infrastructure at risk.
“About a month ago, Trend Micro protected global Microsoft users from a critical vulnerability, and now we are joining this important task force to eliminate the world's leading group of ransomware threats. We are honored that our Threat Intelligence function plays a fundamental role in the mission to make the world safer”, said Robert McArdle, Cybercrime Research team leader at Trend Micro and collaborator with the US FBI and NCA , UK National Crime Agency.
Lockbit's action was always aimed at obtaining the greatest possible monetary gain, and to achieve this it relied on the partnership of small cybercrime groups. It is estimated that last year victims paid more than US$1 billion to these groups and their affiliates, a record number.
Behind-the-scenes details of the operation include cryptocurrency seizures, arrests, charges, imposition of sanctions, and additional technical support for victims. The task force managed to take over the LockBit website, revealing the personal information and identities of the group's members, as well as details of their previous work. The initiative makes the group unwanted and unreliable in the world of cybercrime, that is, unviable as a clandestine business. “We cannot be naive enough to assume that the action will eliminate the criminal group outright, but we know that no criminal in their right mind will associate with Lockbit anytime soon,” added Robert McArdle.
The operation that put an end to LockBit as we know it involved police agencies from several countries, establishing a new benchmark for collaboration between legal authorities and private partners. In addition to North American and British agencies, the international operation that Trend Micro was part of involved a coalition of law enforcement agencies from France, Japan, Switzerland, Canada, Australia, Sweden, the Netherlands, Finland and Germany.
*Based on Trend Micro analysis and tracking of ransomware leak sites, LockBit accounted for approximately 25 percent of all ransomware leaks in 2023.
EN 
PT 
