Federal Reserve’s Secrets Exposed By Ransomware? Is LockBit Bluffing?

0
469

from Great Game India:

In a dramatic turn, the LockBit ransomware group has claimed to have stolen a vast trove of files from the US Federal Reserve and Evolve Bank and Trust, alleging a breakdown in ransom negotiations. The group threatened to release 33 terabytes of sensitive banking data if their demands weren’t met, accusing the Federal Reserve of undervaluing American bank secrecy. This escalation follows a cease-and-desist order issued to Evolve Bank for banking violations by federal regulators. Despite skepticism from cybersecurity experts about the claims’ validity, the incident underscores ongoing cybersecurity threats to critical institutions like the Federal Reserve.

TRUTH LIVES on at https://sgtreport.tv/

The Russian-affiliated group released 21 unique URLs containing files that appear to be parent directories, torrents, and compressed archive files from another US financial institution, Evolve Bank and Trust.

The bank and its parent business, Evolve Bancorp Inc., were recently singled out by the Federal Reserve for engaging in risky and unsound banking activities.

LockBit mentioned the Federal Reserve on its dark victim blog over the weekend, threatening to disclose the alleged stolen data on June 25th if a ransom was not paid by the deadline.

Federal Reserve's Secrets Exposed By Ransomware? Is LockBit Bluffing? 2
LockBit leak site. Image by Cybernews.

Claiming to have obtained “33 terabytes of juicy banking information containing Americans’ banking secrets,” the group also implied that negotiations had broken down due to an unacceptable ransom offer from the US central bank.

“You better hire another negotiator within 48 hours, and fire this clinical idiot who values Americans’ bank secrecy at $50,000,” LockBit stated on its secret site.

Federal Reserve's Secrets Exposed By Ransomware? Is LockBit Bluffing? 3
LockBit leak site. Image by Cybernews.

Meanwhile, the Federal Reserve Board issued a cease-and-desist order to Evolve Bank and Trust this month, alleging numerous “deficiencies” in the bank’s anti-money laundering, risk management, and consumer compliance systems.

The independent consumer banking-as-a-service and mortgage lender, headquartered in Memphis, Tennessee, services people and small businesses in at least 17 states throughout the US, with assets estimated to be $1.3 billion in 2022, according to its website.

Evolve is also noted for its open banking collaborations with Fintech platforms like Mastercard, Visa, Affirm, Melio, Stripe, and Airwallex.

As part of the stolen collection, LockBit kindly attached a Federal Reserve press release from June 14th regarding the Evolve enforcement action.

According to Josh Jacobson, Director of Professional Services at HackerOne, LockBit’s threats demonstrate that “even our most integral governmental entities are not infallible to ransomware attacks.”

“If the Federal Reserve is impacted, that could have global implications. This is not a siloed infrastructure where a finite number of customers are impacted. The potential for residual impact definitely factors in, as well as long-term reputation and trust,” he said.

Is LockBit bluffing?

Many security insiders discounted the group’s assertion on Monday, believing it was more likely a bluff geared at US law enforcement for its systematic and sometimes successful targeting of the gang over the last six months.

Jacobson observed that LockBit’s warnings frequently emphasize “impact and urgency,” raising the victim’s “fight or flight mentality.” It’s a frequent technique that works well for ransomware gangs, according to Jacobson.

A victim thinks, “Goodness, this is bad, and I have to do something right now, and I am under a lot of pressure,” he added, adding that “the uncertainty exacerbates the event.”

Federal Reserve's Secrets Exposed By Ransomware? Is LockBit Bluffing? 4
LockBit leak site. Image by Cybernews.

“At this stage, we sense that LockBit’s announcement might be a hoax,” agreed Aviral Verma, Lead Security Analyst at the cybersecurity firm Securin.

Verma also out that, until Tuesday, the gang had not publicized any samples of stolen data, which was contrary to their regular practice.

“This won’t be the first time the group has made false claims, the group had even claimed the FBI as one of its victims out of frustration,” Verma said, referring to February’s temporary takedown of the group, dubbed Operation Cronos.

Read More @ GreatGameIndia.com