Despite the LockBit ransomware-as-a-service gang claiming to be back after a high-profile takedown in mid-February, there are significant, ongoing disruption to the group’s activities. The analysis also identified ripple effects throughout the cybercrime underground, and implications for business risk.

LockBit was responsible for 25%-33% of all ransomware attacks in 2024, making it the biggest financial threat actor group of the last year. Since 2020, it has claimed thousands of victims and millions in ransom, including cynical hits on hospitals during the pandemic. The operation involving multiple law enforcement agencies around the world, led to outages on LockBit-affiliated platforms, and a takeover of its leak site by the UK’s National Crime Agency. Authorities made arrests, imposed sanctions, seized cryptocurrency, and more. Authorities also revealed that LockBit did not delete victim data after promises were made.

Read More: LockBit Ransomware Takedown Strikes Deep Into Brand’s Viability