WORLD NEWS FLASH
UNITED STATES
After a big celebration was marred by yet another mass shooting in the United States, those involved with creating the melee are being held responsible.
On Feb. 14, the Kansas City Chiefs celebrated their victory at Super Bowl LVIII with a parade at Union Square in their hometown. Right after the event ended, gunfire rang out, leaving civilians scrambling for cover. In all, 23 people were shot, including 11 children, and one fatality: Lisa Lopez-Galvan, a 43-year-old radio DJ. Ten others suffered non-gunshot injuries.
In the aftermath, two juveniles were taken into custody. So far, they have only been charged with gun related offenses and resisting arrest.
On Feb. 20, Jackson County Prosecutor Jean Peters Baker announced that Dominic Miller and Lyndell Mays had been charged with second-degree murder, two counts of armed criminal action and unlawful use of a weapon. Both are being held on $1 million bond. Baker said that a bullet from Miller’s gun was the one that mortally wounded Lopez-Galvan.
A motive for the shooting has not been fully confirmed, though it has been said that it stemmed from a disagreement and not terrorism.
Meanwhile, Chiefs quarterback and Super Bowl MVP Patrick Mahomes said that he was praying for Kansas City on social media.
Also responding to the tragedy was President Joe Biden, who issued a statement on the day of the shooting.
“The Super Bowl is the most unifying event in America. Nothing brings more of us together. And the celebration of a Super Bowl win is a moment that brings a joy that can’t be matched to the winning team and their supporters. For this joy to be turned to tragedy today in Kansas City cuts deep in the American soul.
“Today’s events should move us, shock us, shame us into acting. What are we waiting for? What else do we need to see? How many more families need to be torn apart?
“It is time to act. That’s where I stand. And I ask the country to stand with me. To make your voice heard in Congress so we finally act to ban assault weapons, to limit high-capacity magazines, strengthen background checks, keep guns out of the hands of those who have no business owning them or handling them.
“We know what we have to do, we just need the courage to do it.
“Today, on a day that marks six years since the Parkland shooting, we learned that three police officers were shot in the line of duty in Washington, DC and another school shooting took place at Benjamin Mays High School in Atlanta. Yesterday marked one year since the shooting at Michigan State University. We’ve now had more mass shootings in 2024 than there have been days in the year.
“The epidemic of gun violence is ripping apart families and communities every day. Some make the news. Much of it doesn’t. But all of it is unacceptable. We have to decide who we are as a country. For me, we’re a country where people should have the right to go to school, to go to church, to walk the street – and to attend a Super Bowl celebration – without fear of losing your life to gun violence.
“Jill and I pray for those killed and injured today in Kansas City, and for our country to find the resolve to end this senseless epidemic of gun violence tearing us at the seams.”
MASS SHOOTING UPDATE
Information recent as of 2-20-2024 at 12 p.m.
2024 Mass Shooting Stats: (Source: Mass Shooting Tracker – https://www.massshootingtracker.site/data/?year=2024)
- Total Mass Shootings: 67
- Total Dead: 121
- Total Wounded: 221
- Shootings Per Day: 1.31
- Days Reached in Year 2024 as of Feb. 20: 51
UNITED KINGDOM
ALLIES COLLAB TO FIGHT RANSOMWARE
The U.S. Department of Justice joined the United Kingdom and international law enforcement partners in London Feb. 20 to announce the disruption of the LockBit ransomware group, one of the most active ransomware groups in the world that has targeted over 2,000 victims, received more than $120 million in ransom payments, and made ransom demands totaling hundreds of millions of dollars.
The U.K. National Crime Agency’s Cyber Division, working in cooperation with the Justice Department, FBI, and other international law enforcement partners disrupted LockBit’s operations by seizing numerous public-facing websites used by LockBit to connect to the organization’s infrastructure and seizing control of servers used by LockBit administrators, thereby disrupting the ability of LockBit actors to attack and encrypt networks and extort victims by threating to publish stolen data.
“For years, LockBit associates have deployed these kinds of attacks again and again across the United States and around the world. Today, U.S. and U.K. law enforcement are taking away the keys to their criminal operation,” said Attorney General Merrick B. Garland. “And we are going a step further – we have also obtained keys from the seized LockBit infrastructure to help victims decrypt their captured systems and regain access to their data. LockBit is not the first ransomware variant the Justice Department and its international partners have dismantled. It will not be the last.”
Additionally, the National Crime Agency, in cooperation with the FBI and international law enforcement partners, has developed decryption capabilities that may enable hundreds of victims around the world to restore systems encrypted using the LockBit ransomware variant. Beginning today, victims targeted by this malware are encouraged to contact the FBI at https://lockbitvictims.ic3.gov/ to enable law enforcement to determine whether affected systems can be successfully decrypted.
The Justice Department also unsealed an indictment obtained in the District of New Jersey charging Russian nationals Artur Sungatov and Ivan Kondratyev, also known as Bassterlord, with deploying LockBit against numerous victims throughout the United States, including businesses nationwide in the manufacturing and other industries, as well as victims around the world in the semiconductor and other industries. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.
Finally, the Department also unsealed two search warrants issued in the District of New Jersey that authorized the FBI to disrupt multiple U.S.-based servers used by LockBit members in connection with the LockBit disruption. As disclosed by those search warrants, those servers were used by LockBit administrators to host the so-called “StealBit” platform, a criminal tool used by LockBit members to organize and transfer victim data.
According to the indictment obtained in the District of New Jersey, from at least as early as January 2021, Sungatov allegedly deployed LockBit ransomware against victim corporations and took steps to fund additional LockBit attacks against other victims. Sungatov allegedly deployed LockBit ransomware against manufacturing, logistics, insurance, and other companies located in Minnesota, Indiana, Puerto Rico, Wisconsin, Florida, and New Mexico. Additionally, as early as August 2021, Kondratyev similarly began to allegedly deploy LockBit against multiple victims. Kondratyev, operating under the online alias “Bassterlord,” allegedly deployed LockBit against municipal and private targets in Oregon, Puerto Rico, and New York, as well as additional targets located in Singapore, Taiwan, and Lebanon. Both Sungatov and Kondratyev are alleged to have joined in the global LockBit conspiracy, also alleged to have included Russian nationals Mikhail Pavlovich Matveev and Mikhail Vasiliev, as well as other LockBit members, to develop and deploy LockBit ransomware and to extort payments from victim corporations.
“Today’s indictment, unsealed as part of a global coordinated action against the most active ransomware group in the world, brings to five the total number of LockBit members charged by my office and our FBI and Computer Crime and Intellectual Property Section partners for their crimes,” said U.S. Attorney Philip R. Sellinger for the District of New Jersey. “And, even with today’s disruption of LockBit, we will not stop there. Our investigation will continue, and we remain as determined as ever to identify and charge all of LockBit’s membership – from its developers and administrators to its affiliates. We will put a spotlight on them as wanted criminals. They will no longer hide in the shadows.”
With the indictment unsealed today, a total of five LockBit members have now been charged for their participation in the LockBit conspiracy. In May 2023, two indictments were unsealed in Washington, D.C., and the District of New Jersey charging Matveev with using different ransomware variants, including LockBit, to attack numerous victims throughout the United States, including the Washington, D.C., Metropolitan Police Department. Matveev is currently the subject of a reward of up to $10 million through the U.S. Department of State’s Transnational Organized Crime Rewards Program, with information accepted through the FBI tip website at www.tips.fbi.gov/.
In November 2022, a criminal complaint was filed in the District of New Jersey charging Vasiliev in connection with his participation in the LockBit global ransomware campaign. Vasiliev, a dual Russian-Canadian national, is currently in custody in Canada awaiting extradition to the United States. In June 2023, Russian national Ruslan Magomedovich Astamirov was charged by criminal complaint in the District of New Jersey for his participation in the LockBit conspiracy, including his deployment of LockBit against victims in Florida, Japan, France, and Kenya. Astamirov is currently in custody in the United States awaiting trial.
Kondratyev, according to the indictment obtained in the Northern District of California and unsealed, is also charged with three criminal counts arising from his use of the Sodinokibi, also known as REvil, ransomware variant to encrypt data, exfiltrate victim information, and extort a ransom payment from a corporate victim based in Alameda County, California.
The LockBit ransomware variant first appeared around January 2020 and, leading into today’s operation, had grown into one of the most active and destructive variants in the world. LockBit members have executed attacks against more than 2,000 victims in the United States and around the world, making at least hundreds of millions of U.S. dollars in ransom demands and receiving over $120 million in ransom payments.
The LockBit ransomware variant, like other major ransomware variants, operates in the “ransomware-as-a-service” (RaaS) model, in which administrators, also called developers, design the ransomware, recruit other members – called affiliates – to deploy it, and maintain an online software dashboard called a “control panel” to provide the affiliates with the tools necessary to deploy LockBit.
Affiliates, in turn, identify and unlawfully access vulnerable computer systems, sometimes through their own hacking or at other times by purchasing stolen access credentials from others. Using the control panel operated by the developers, affiliates then deploy LockBit within the victim computer system, allowing them to encrypt and steal data for which a ransom is demanded to decrypt or avoid publication on a public website maintained by the LockBit developers, often called a data leak site.
The FBI Newark Field Office is investigating the LockBit ransomware variant.
An indictment is merely an allegation. Under U.S. law, all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
