LockBit Ransomware Gang Publishes Files, Federal Reserve Lowballs Ransom

The LockBit ransomware gang named the Federal Reserve on its dark victim blog in late June and promised to publish stolen data from the Fed on June 25th if its ransom demand was not paid. According to Stefanie Schappert of Cybernews, the Fed made an offer and the gangsters refused, emphatically.

“You better hire another negotiator within 48 hours, and fire this clinical idiot who values Americans’ bank secrecy at $50,000,” LockBit posted on its dark blog.

On July 25th, LockBit published 21 links, “containing files of what appears to be parent directories, torrents, and compressed archive files belonging to another US financial institution, Evolve Bank and Trust.”

Evolve Bank and its parent Evolve Bancorp Inc., were recently cited by the Feds for unsafe banking practices. They were served a cease-and-desist order in June, alleging deficiencies in anti-money laundering, risk management, and consumer compliance programs.

Evolve has open banking partnerships with Fintech platforms including Mastercard, Visa, Affirm, Melio, Stripe, and Airwallex. The gangsters attached a Federal Reserve press release dated June 14th concerning the Evolve enforcement action to the stolen files.

The Cybernews article quotes a cybersecurity expert who says the gang’s threats indicate that “even our most integral governmental entities are not infallible to ransomware attacks.” But the article also notes that many security insiders think LockBit’s threats are a bluff in response to the successful targeting of the gang by US law enforcement.