The identity of the leader of the famous and feared cybercriminal group LockBit was revealed on Tuesday by authorities around the world. A lot of juicy information has been published about him.
Like in a good old western, his face appears almost everywhere on the Web, on posters stamped “Reward”, for “reward” in French. Dmitry Khoroshev, known under the pseudonym LockBitSupp, saw his identity revealed to the whole world on Tuesday May 7, 2024. The man, a 31-year-old Russian, is at the head of the most dangerous ransomware gang in recent years, LockBit, recently behind the major cyberattack launched against the Cannes hospital.
A reward of $10 million will be paid to those who help find the boss of LockBit
The hacker was unmasked by the United States, the United Kingdom and Australia, as part of Operation Cronos, in which the French Gendarmerie has been participating in particular for many months. We learn that Dmitry Khoroshev, who until now shone through his anonymity, is both the administrator and developer of the LockBit hacker group.
The USA has already announced that it will offer $10 million for any information needed to stop cybercriminals. What is certain is that the man, whose photo you will have understood has also been published, will no longer be able to travel and will now be subject to a series of asset freezes. Everything will be done to cut off his supplies and neutralize him.
In any case, we learned, through the French ethical hacker and CEO of Predicta Lab, Baptiste Robert, that he had profiles on platforms like OpenVK (an open source social network) or Yandex Food, the Russian Uber Eats , and an iCloud account. We also learn that he likes the Mercedes brand, among other information which was able to be discovered thanks to two email addresses provided by the authorities.
LockBit, terror ransomware group
Between June 2022 and February 2024, more than 7,000 cyberattacks carried out using LockBit’s systems were recorded, with France among the five countries hardest hit by the gang. More than 2,000 victims have already been forced into negotiations by the group’s hackers, including around a hundred hospitals and companies in the health sector.
Since the revelation to the general public of Operation Cronos, which led to a planetary-scale operation supposed to “bring down” LockBit, the collective did not fail or delay in reconstituting an active infrastructure, taking advantage of a period floating to attack new targets, including the Cannes hospital last month.
LockBit can, or at least was able to count on a network of 194 affiliates around the world, all of whom used the group’s services until February 2024. Among them, there are 114, according to the authorities, to have paid the thousands of dollars which allow them to join the program. On Tox messaging, someone tries to explain that the person they are looking for is not the right one. Just to maintain the mystery around LockBit, and undoubtedly to reassure affiliates.
Sources: NCA, X.com account by Baptiste Robert
9