Over 200 Crypto Accounts Linked to Ransomware Operator LockBit Frozen

Crypto Regulation Ransomware
Last updated:
Author
Author
Jai Pratap
About Author

Jai serves as the Asia Desk Editor for Cryptonews.com, where he leads a diverse team of international reporters. Jai has over five years of experience covering the web3 industry.

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

A coordinated international operation has targeted one of the leading ransomware operator group LockBit, freezing over 200 cryptocurrency accounts linked to their activities.

The action, dubbed Operation Cronos, involved collaboration between the U.S. Department of Justice (DOJ), Europol, and law enforcement agencies from multiple countries.

Europol said that two LockBit actors had been arrested in Poland and Ukraine, and that a further two defendants, thought to be affiliates, had been arrested and charged in the US.

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) blacklisted 10 bitcoin and ether addresses associated with the group.

Data from Arkham Intelligence revealed that some OFAC-listed addresses on Tuesday were linked to deposit accounts on KuCoin, Coinspaid, and Binance.

These actions effectively block U.S. entities from providing any financial services to the individuals or the listed crypto addresses.

LockBit, accused of stealing over $120 million from victims worldwide, employs a “Ransomware-as-a-Service” (RaaS) model. This means they develop and distribute ransomware tools to affiliates who then deploy them in attacks, often targeting municipal entities and private companies.

LockBit Website
LockBit Website

Decryption Keys Being Distributed to LockBit’s Victims

As reported earlier, authorities seized LockBit’s website and various pages, hindering their operations and communication channels. Additionally, Europol reports that decryption keys are being distributed to victims, offering them a chance to regain access to their locked files without paying ransoms.

As per the announcement, the law enforcement agencies recovered more than 1,000 decryption keys earmarked for victims of LockBit’s attacks. The authorities will be contacting those victims to aid them in the recovery of encrypted data.

The NCA’s director general, Graeme Biggar, said, “Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems.”

More Articles

Features
Central African Republic Meme Coin: Big Promises, Bigger Doubts
Olga Primakova
Olga Primakova
2025-02-14 13:17:25
Blockchain News
Bybit Removed from France’s AMF Blacklist, Aims for MiCA Approval
Veronika Rinecker
Veronika Rinecker
2025-02-14 12:57:13
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors