Claims by ransomware group LockBit, that they had exfiltrated “33 TB of data from the U.S. Federal Reserve,” were greatly exaggerated. As we reported earlier, the experts had a feeling that the boasts were unrealistic. Now that the extortion deadline has passed, it’s being called “a publicity stunt.”
LockBit didn’t have the goods
The U.S. Federal Reserve, aka “the creature from Jekyll Island,” offered LockBit a quick $50,000 to go away.
The hackers didn’t take it. Instead, they made a post on their favorite media platform to the effect that Jerome Powell should be ashamed of himself for taking national banking security so lightly. Next time, give samples, the fed shot back. Then, they waited out the deadline.
Just like all the insiders expected, when the big day dawned, LockBit was empty handed. Instead of a major strike at the heart of the Federal Reserve, LockBit’s “stolen data turns out to have come from just one U.S. bank.”
LockBit Ransomware Stole Customer Data From Evolve Bank & Trust (update) not Federal Reservehttps://t.co/qk3L1H9YQN
— UnboundedLife (@unboundedlife1) July 3, 2024
One that “has recently been scrutinized by the Fed for its deficient risk management and compliance policies.” Evolve Bank & Trust was simply begging to be hacked.
This particular hack didn’t “pose a dire threat to the entire banking system” as advertised but that doesn’t mean it wasn’t serious. LockBit previously made a bundle renting out their malware with the concept of “ransomware as a service.”
Ever since the FBI shut them down, they’ve been losing money. They’re still around, just harder to find. They wanted everyone to know they’re still open for business so pulled a high profile extortion attempt as “a PR stunt.” They weren’t expecting the fed to call their bluff.
Desperate to keep clients
This move by LockBit, experts note, proves how desperate they are to retain their client base. Before the Feds hit them recently, the hackers “had enough regular and legitimate business in stolen data that it did not bother pulling stunts like this.”
It’s interesting that “stolen data” can be considered a legitimate business.
While “this fake attack on the U.S. Federal Reserve” seems “to have been a ploy to get into the news,” What really happened is that LockBit hit “a hybrid fintech operation that has a limited amount of physical locations in the states of Arkansas and Tennessee.”
LockBit’s Claimed Hack on US Federal Reserve Turns Out to Be a Publicity Stunt Stolen Data Came From Just One US CPO Magazine https://t.co/rU98jVKsIi
— David McDonald ????????❤️ ????x7 dmcd2324.bsky.social (@DMcD_Advocate) July 2, 2024
Evolve Bank & Trust confirmed both the hack itself and that “the stolen data appears to entirely come from this breach.” Evolve notes that while it had nothing to do with the Federal Reserve, it was “previously unseen material.”
If LockBit had done what they alleged, steal 33 Terabytes of data from the Federal Reserve, it would have “sent devastating shock waves throughout the whole of the country’s banking system, with likely serious ripple effects for many other countries.”
Simply announcing they had done it grabbed everyone’s attention. “LockBit knew such a bold claim would immediately break them out of the usual bubble of cybersecurity news and capture mainstream attention, and the group played up the situation for several days.“
