iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
LockBit’s claims of breaching and exfiltrating data from the US Federal Reserve have been proven false after the group’s leak countdown timer hit zero, but data allegedly for another organisation was published.
As expected by researchers, the prolific ransomware gang failed to publish any Federal Reserve data, but it instead published data allegedly belonging to Evolve Bank & Trust (Evolve), an organisation a US Federal Reserve board called out earlier this month.
The first download link on the LockBit page links to a press release by the Board of Governors of the Federal Reserve System announcing action against Evolve for “deficiencies in the bank’s anti-money laundering, risk management, and consumer compliance programs”.
“Examinations conducted in 2023 found that Evolve engaged in unsafe and unsound banking practices by failing to have in place an effective risk management framework for those partnerships,” the release said.
“In addition, Evolve did not maintain an effective risk management program or controls sufficient to comply with anti-money laundering laws and laws protecting consumers.”
Every other link on the site leads to directories containing data that seems to belong to Evolve.
According to the data, this includes payment processing information, customer relationship management data and more.
There were also files pertaining to Synapse, a banking-as-a-service start-up that was partnered with Evolve Bank & Trust but recently declared bankruptcy.
Several researchers who have seen the data have ruled that LockBit is bluffing, but others on X believe that there is more to come.
The US Federal Reserve has yet to comment on the matter, as does Evolve or Synapse. Cyber Daily has reached out to Evolve for comment on the matter.
LockBit listed the US Federal Reserve on its site on 23 June, claiming to have exfiltrated 33 terabytes of “juicy banking information containing American’s banking secrets”.
“The Reserve operates twelve banking districts around the country which oversee money distribution within their respective districts.
“The twelve cities which are home to the Reserve Banks are Boston, New York City, Philadelphia, Richmond, Atlanta, Dallas, Saint Louis, Cleveland, Chicago, Minneapolis, Kansas City, and San Francisco,” LockBit said.
It also alluded that ransom negotiations with the Federal Reserve have begun and that it is unhappy with any ransom offers made so far.
“You better hire another negotiator within 48 hours, and fire this clinical idiot who values Americans’ bank secrecy at $50,000,” LockBit said.
LockBit has not said anything new outside of leaking alleged Evolve data.
Be the first to hear the latest developments in the cyber industry.
