Share this article on:
After a rather long hiatus, LockBit is fighting back against the FBI, having written a personal birthday message to the bureau’s director, Christopher Asher Wray, saying it has exfiltrated data.
In a post to Telegram, a user named Fox William Mulder (in reference to the fictional FBI agent from the X-FIles TV series) wrote a sarcastically heartfelt message to Wray, wishing him a happy birthday.
“Friends! Today is a significant day! It’s the FBI Director’s Birthday,” said the user.
“Dear Christopher Asher Ray [sic]. On this wonderful day, I want to sincerely congratulate you on your birthday and wish you all the best. May your life always be wonderful and full of good moments, for example, how you caught me or at least learned my identity.
“May your memories be only bright and good, for example, how your employees deceived you and said that they supposedly found me. May you be surrounded by people who will help you rise even higher, although where else can you go higher?
“May your work be easy and beloved, and your salary – high and desirable, like mine. May your eyes always shine as they do now, may your money never end, and may all your dreams come true as quickly as you wish.
“Accept this archive as a gift. I ask that no one download this archive under any circumstances, this archive is only for the FBI Director.
“Happy Birthday again!”
💡LockBit has a message for Christopher Wray, who was the director of the FBI. pic.twitter.com/IwQbQ6RKjd
— Dark Web Informer - Cyber Threat Intelligence (@DarkWebInformer) December 17, 2024
Cyber Daily noted that the archive in question is password-protected and inaccessible. It is currently unclear what the archive entails, but it could be new FBI data.
Cyber Daily has reached out to the FBI for more information.
While referred to as the director of the FBI, Wray announced that he would be resigning from the position at the end of President Joe Biden’s term.
While LockBit has been all but inactive since the latest Operation Cronos activity by the FBI and global law enforcement, other threat actors have also named the FBI in recent days.
On 14 December, threat actor “miyako” listed alleged firewall access to an FBI subdivision in a post to a popular hacking forum.
According to the listing, root access to a server hosting the firewall for the subdivision was for sale.
This listing has since been updated to say the access had been sold.
Cyber Daily has been unable to verify which subdivision the access was allegedly for, nor if the access is legitimate.
Just days later, a threat actor named “Mr Hamza” posted on Telegram claiming to have brought down the website of the FBI’s biometric standards division, with a screenshot of the site showing a bad gateway error.
“We’re sorry…,” the site said.
“The page you are looking for had an error.”
According to a check-host.net screenshot by @cyberfeeddigest on X, the site was timing out at all server locations.