Federal Reserve headquarters in Washington DC. Image by Rafael Saldaña via flickr.com. License: Creative Commons

The ransomware group LockBit claims to have hacked the US Federal Reserve (Fed) and stolen 33 terabytes of sensitive data. But is this really the case?

Perhaps we should acknowledge that reality is cheaper and less credible than any third-rate action joke. In the midst of a geostrategically tense situation, in an economic, currency and drone war, hackers from Russia, from the ransomware gang LockBit, have hacked the US Federal Reserve – the Fed.

Negotiations then ensued, in which, according to LockBit, “a patented idiot” offered the paltry sum of $50,000 in exchange for not publishing “America’s banking secrets.” LockBit claims to have 33 terabytes of banking data, sensitive data on transfers from millions of Americans and their banks, and gave the Fed until June 25 to make a more serious offer. After the countdown expired, LockBit released parts of the stolen data on the dark web, via 21 links, with various directories and torrent files.

And as if the US institutions weren’t already looking at themselves with their pants down enough, the US Department of Justice announced a strike against LockBit in May: Together with their British colleagues, they had disrupted the LockBit ransomware group, brought charges and are working closely with international partners to continue to put obstacles in the hackers’ way. This also included access to servers, networks and domains.

But the result is – a hack of the US Federal Reserve? Could it be a clearer loss?

“Malicious actors have published illegally stolen data on the dark web”

As it turns out, the hackers triumphed too soon and the sensationalist observers laughed too soon. The data published so far does not point to a hack of the Fed, but to a single bank – Evolve Bank & Trust.

The bank explained in a public statement that there had been a security incident. “Evolve is currently investigating a cybersecurity incident involving a known cybercriminal organization. It appears that malicious actors have illegally published stolen data on the dark web.” The bank is taking the incident seriously and has contacted the police. There is no further threat and the bank is offering all possible assistance to affected customers.

There is no evidence so far that the Fed was actually hacked. This leads to the interesting question: why? Why does LockBit claim this?

An act of desperation

The answer lies in the dynamics of the ransomware market. LockBit works according to the principle of “ransomware-as-a-service”: the hackers write the malware, but offer others, like in a franchise, the opportunity to install the software on the victims’ systems, after which both parties share the spoils.

This sales model makes attention and relevance a coveted resource. Only when a ransomware is well-known does it attract enough distributors. After the attack by the US justice system, LockBit lost precisely this resource. The infrastructure for processing payments, servers, networks were confiscated, the malware and how it works are well known.

With the alleged hack on the Fed, LockBit is now trying to portray itself as more important than it is, presumably in the hope of gaining influence on the darknet. The alleged coup therefore shows not strength but weakness, not ineffectiveness but effectiveness of the justice system’s actions – and desperation among the hackers.

Reality is therefore not necessarily cheaper and less credible than a bad action film – but rather than a comedy.

Discover more from BitcoinBlog.de – the blog for Bitcoin and other virtual currencies

Sign up to receive the latest posts via email.

Source: https://bitcoinblog.de/2024/06/27/sensationslust-oder-realitaet-lockbit-und-der-angeblich-einbruch-in-die-us-notenbank/

Leave a Reply