Techly NewsGet the app

Get the latest tech news

How a cybersecurity researcher befriended, then doxed, the leader of LockBit ransomware gang


Jon DiMaggio used sockpuppet accounts, then his own identity, to infiltrate LockBit and gain the trust of its alleged admin, Dmitry Khoroshev.

The goal during this phase was to create a cybercriminal persona that had some sort of history and connections in the underground, which would make it easier to appear credible when reaching out directly to LockBit and its administrator. DiMaggio said that at this point he reached out to the FBI, with whom he’s had a relationship as a private industry partner, and told them he had identified Khoroshev as the LockBit’s administrator, and he planned to write a report revealing that. In talking openly about his operation, DiMaggio said he hopes to show how researchers can find out information about cybercriminals by infiltrating their groups, and not just collecting data from hacks or lurking on forums.

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of LockBit

LockBit

Photo of ransomware gang

ransomware gang

Photo of leader

leader

Related news:

News photo

UK data watchdog to fine NHS vendor Advanced for security failures prior to LockBit ransomware attack

News photo

Ransomware gang targets IT workers with new SharpRhino malware

News photo

Planted bomb, remote control and AI: How the Mossad killed Hamas' leader in Iran

« The Tippy Type makes typing with long nails less tedious
Warner Bros. Discovery pretty much wiped the Cartoon Network website »