LockBit's Claim of Hacking Federal Reserve Dismissed

The purported breach of the United States Federal Reserve has been dismissed as a bluff as deeper analysis is conducted on LockBit's ransomware claims of a 33TB data theft. The community unraveled details following LockBit's ransomware leak deadline on June 25, 2024, at 08:30 UTC. Days earlier, the infamous ransomware gang boasted of stealing 33TB of data from the Federal Reserve, as initially reported by CSO Online. This set a tense stage for potential negotiations between LockBit and federal authorities. However, with the deadline passed and the data analyzed, the cybersecurity community has voiced skepticism regarding the veracity of LockBit's claims.

Following the deadline, key insights from researchers at Dark Web Informer (@DarkWebInformer), Dominic Alvieri (@AlvieriD), and Zscaler ThreatLabz suggested that the claims were fabricated, a tactic not new to LockBit. These researchers noted inconsistencies in the data purportedly from the Federal Reserve, with evidence pointing instead to unrelated data from Evolve Bank & Trust—a bank recently penalized by the Federal Reserve. This misdirection aligns with LockBit's history of dubious claims, including previous false breaches of federal entities.

The Record further clarifies the extent of the breach at Evolve Bank & Trust, noting that the hackers compromised personal identification information (PII) and posted it on the dark web. While the exact scope of the leaked data remains under investigation, the bank has assured that measures are in place to mitigate damage, including offering credit monitoring services to affected customers and reissuing account numbers where necessary.

The diligence in following and debunking LockBit's claims by the cybersecurity community has helped to quell initial fears of a major breach as mere ransomware scare tactics. This scenario underlines the importance of accurately assessing claims made by cybercriminals like LockBit, who exploit sensitive situations for their gain. It also promotes collaboration within the cybersecurity community to prevent misinformation and underscores the necessity of maintaining skepticism when dealing with ransomware threats.