The US FBI says it has more than 7,000 decryption keys for Lockbit Ransomware. The organization can therefore help victims recover their data. The Lockbit Ransomware collection was removed in February.

The Lockbit Ransomware suite not only encrypted data but also stole data. A ransom was then demanded to regain access to the data. “But they also keep a copy of all the data and sometimes ask for a second payment to prevent them from publishing your personal or company information online.” Tells Brian Vorndran of the FBI during a conference in the United States on cybersecurity.

Since 2019, the ransomware used has also been rented to others; This is called ransomware as a service. In 2022, Lockbit became the most widely used type of ransomware in the world. According to Vorndran, the group is responsible for up to 2,400 attacks worldwide, more than 1,800 of which occurred in the United States. The total damage amounts to billions of dollars.

Last February, international police forces seized the Lockbit website. The Dutch police, as well as the FBI, participated in the so-called “Operation Kronos.” More than thirty servers were also removed from the Internet, several arrests were made and a decryption tool was published on NoMoreRansom.

Police organizations from the US, UK and Australia announced the identity of the ransomware ring’s leader in May. The Russian man was banned from traveling and his bank account was frozen. The US authorities are offering $10 million to anyone who provides information leading to the man’s arrest or conviction.