Trend helps shield the world from an unreleased ransomware attack and delivers advanced protection to customers
DALLAS, Feb. 22, 2024 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today revealed its critical role in helping global law enforcement partners disrupt mega-ransomware group LockBit, and kill the viability of its long-term malware plans. Through undercover infiltration, Trend helped prevent the release of the group's next malware products and automatically installed protection for Trend Micro customers, even before the group themselves had finished testing.
Robert McArdle, a leader in Trend Micro's cybercrime research team and collaborator with the Federal Bureau of Investigation (FBI) and National Crime Agency (NCA), said: "We are honored that our threat intelligence is uniquely valuable to global law enforcement in the shared mission to make the world safer."
This group was responsible for about 25 percent* of all ransomware leaks in 2023 and caused billions of dollars in losses for thousands of global victims over the past four years.
McArdle continued, "Last week Trend secured global Microsoft users from a critical vulnerability and this week we were a part of dethroning the most critical threat actor group in the world. Now, insiders aren't naïve enough to assume this will eliminate the crime group, but we know that no sane criminal would want to be involved with this group again."
Details from behind the scenes are unfolding and include cryptocurrency seizure, arrests, indictments, imposing sanctions and additional technical support for victims. The operation took over LockBit's leak site, disclosing information and personal identities of group members and details of their previous works. These actions essentially make the group unwelcome and untrusted in the cybercrime world—and therefore unviable as an underground business.
Ransomware is one of the most serious cyber threats facing organizations today, known for disrupting schools, hospitals, governments, and businesses and imperiling critical national infrastructure. It does all of this while lining the pockets of a few small cybercrime groups: last year, victims paid over $1 billion to these groups and their affiliates, a record figure.
This work ultimately supported the following outcomes:
While LockBit was, without doubt, the largest and most impactful Ransomware operation globally, this disruption makes it very clear that all criminal affiliates should strongly reconsider any involvement with them in the future and that in partnering with this organization, these associates have put themselves at increased risk of law enforcement action.
An upcoming blog will cover findings from Trend's analysis of the next version of LockBit ransomware malware will be issued Thursday by NCA and will be made available here: https://research.trendmicro.com/lockbit-blog
*Based on Trend Micro analysis and tracking of ransomware leak sites, LockBit accounted for approximately 25 percent of all ransomware leaks in 2023.
About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world. www.TrendMicro.com.
SOURCE Trend Micro