A hacking group, responsible for the recent shutdown of Fulton County, Georgia’s websites, is now issuing threats to release sensitive documents from the state’s court system. These documents allegedly include materials related to the criminal case against former President Donald Trump unless a ransom is paid by Thursday morning.
As reported by Business Insider on February 28, 2024, the group identified as LockBit, posted a message on its website stating that the stolen documents contain significant information, including details regarding Donald Trump’s court cases that could impact the upcoming US election. Originally setting the deadline for payment on March 2, LockBit later advanced the timeline to Thursday, February 29, at 8:49 a.m. ET.
The exact ransom amount remains undisclosed, with negotiations typically occurring in private, according to Dan Schiappa, Chief Product Officer at the cybersecurity firm Arctic Wolf.
LockBit recognized as one of the most notorious ransomware groups globally, has targeted over 2,000 victims and amassed over $120 million in ransom funds, as per the US Department of Justice. Recent victims include Boeing, the UK’s National Health Service, Royal Mail, and the state-owned Industrial and Commercial Bank of China.
Operating on a service model, LockBit develops sophisticated ransomware tools, leasing them out to other hackers for deployment against targets while taking a portion of the ransom. The group is believed to be led by a hacker using the pseudonym LockBitSupp, thought to be based in Russia.
Despite a coordinated law enforcement operation taking down LockBit’s website on February 20, involving the FBI, the UK’s National Crime Agency, and other agencies, LockBit managed to restore its website over the weekend, claiming to possess backup copies of documents taken from the Fulton County government’s website.
The group renewed its ransom demands, criticizing the FBI’s swift action to prevent document leaks related to Trump’s criminal case, which LockBit claims could influence the 2024 presidential election. The message also made political statements, purportedly expressing support for Trump and disparaging President Biden’s administration, while taunting the FBI as “strong competitors.”
The authenticity of LockBit’s political stance remains unclear, with cybersecurity experts unable to definitively interpret the group’s motives. The Fulton County government confirmed a ransomware attack on February 19, affecting its websites and online services. While investigations are ongoing, no evidence suggests a compromise of personal or confidential information.
The criminal case against Trump in Georgia, arising from a phone call pressuring state officials to overturn election results, is being investigated by Fulton County District Attorney Fani Willis. Willis is exploring potential charges including election fraud, racketeering, and conspiracy against Trump and his allies. LockBit’s claim of possessing documents related to Trump’s case and their method of acquisition remain uncertain. Neither Willis nor state officials have commented on the group’s threat or ransom demand.
