Arrested development: top hacker busts of 2024

January 3, 2025 – Published on Cybernews

Whether we like it or not, every year marks a new anti-record for ransomed organizations, disrupted hospitals, and leaked user data. However, law enforcement agencies around the world don’t sit idle.

2024 has arguably seen some of the most intense and consequential operations combating cybercrime. To better understand which actions were the most important, Cybernews asked the opinions of some cybersecurity pros.

First up: Operation Cronos. The months-long international operation, aptly named after an ancient Greek time deity, was a strong year’s kick-off for law enforcement. Led by the UK National Crime Agency (NCA), the operation targeted the largest and most prolific ransomware cartel of recent times, LockBit.

Not only did the operation severely hit LockBit’s infrastructure, but law enforcement publicized its findings in a somewhat novel way. Virtually all new information about the action was published via LockBit’s dark web blogs, hurting the group leader’s somewhat cocky persona as well as trust in the gang’s operational security practices.

Exposing Khoroshev, also known as LockbitSupp, was a particularly juicy development. Khoroshev’s exposure allowed US authorities to add the cybercrook to the Specially Designated Nationals and Blocked Persons list (“SDN List”). According to Grayson North, principal consultant at GuidePoint Security, even though Khoroshev remains at large, his life under US sanctions has surely become a lot more difficult.

“Following the imposition of sanctions by the US, UK, and Australian governments, the group remains sparsely active but otherwise appears to be operating at a fraction of its peak, likely representing a departure of skilled affiliates now unable to obtain ransoms from US-based victims,” North said.

Read More HERE.