US and Non-US LockBit Victims Can Get a Free Decryption Key From FBI

• The Federal Bureau of Investigation has been looking into the LockBit ransomware campaign since 2020.
• A joint disruption operation made it possible to offer thousands of decryption keys to the victims inside and outside the U.S.
• Decryption assistance is available via completing an FBI form on the IC3.

FBI’s Cyber Division Assistant Director Bryan Vorndran said during a cybersecurity conference in Boston earlier this month that the government agency has thousands of ransomware decryption keys ready to be shared with LockBit victims. LockBit has functioned as a Ransomware-as-a-Service (RaaS) affiliate-based variant since January 2020. 

The FBI coordinated with an international task force in a joint disruption operation against LockBit. It now offers approximately 7,000 LockBit keys to U.S. and international victims who seek help or additional information regarding a LockBit attack against their organization and/or wish to participate in the American LockBit prosecutions.

You can easily acquire a free decryption key from the FBI and avoid having to pay ransom to cybercriminals who use LockBit. All you have to do is fill all fields of the questionnaire on FBI’s Internet Crime Complaint Center (IC3) to the best of your ability, complete with selecting version(s) of LockBit encrypting your system(s). The FBI will reach out as soon as possible after the form submission. 

Affiliates attacked numerous businesses and critical infrastructure organizations in the United States and internationally throughout these years, deploying LockBit via various tools, techniques, and procedures. 

Since the debut version, LockBit 1.0, the ransomware strain has released newer versions such as LockBit 2.0 (LockBit Red), LockBit 3.0 (LockBit Black), LockBit Linux/ESXI, and LockBit Green, while LockBit 4.0 is reportedly under development. 

LockBit targeted several enterprises throughout the years, including multinationals such as consulting firm Accenture, from which the actors claimed to have stolen 6 terabytes of data worth $50 million in ransom payment.

LockBit was set up by a Russian coder from Voronezh named Dimitri Khoroshev, who uses online aliases like Putinkrab, Nerowolfe, and LockBitsupp. The US State Department offers a $10 million reward for information that could lead to an arrest. The identities of the criminal organization’s high-ranking members who created and distributed the ransomware remain unknown.