- Hackers are threatening to leak stolen Trump court documents unless they get a ransom.
- LockBit is a Russia-based ransomware group that's made millions already by hacking victims.
- Despite international police efforts, LockBit is still active.
LockBit, a group of notorious Russian hackers, is threatening to release court documents it claims it stole from Georgia officials unless it gets paid a ransom.
It's the latest scheme from a group that's frustrated international authorities and dodged shutdown attempts.
LockBit is threatening to release Trump court documents it stole from the Fulton County, Georgia, election interference case unless the county paid up.
The hacking group posted a statement online in English and Russian demanding money. The message also backed up Trump in the 2024 election and called Biden a "puppet" who should retire.
The latest deadline — 8:59 a.m. ET on Thursday — has passed.
But on Thursday, hours before the deadline was set to expire, a countdown timer on the group's website disappeared. It's unclear if the group has the documents it claims and still plans to release them.
Who is LockBit?
LockBit is a Russia-based ransomware group that's become infamous for its two-pronged extortion tactics, according to the US Department of the Treasury.
The cybercriminals hack massive amounts of data from their victims, then encrypt the victim's computers and demand ransom to unlock their information, the Treasury Department says.
It's not just one guy at his computer running these attacks; The Treasury Department called LockBit a "Ransomware-as-a-Service" group, where cybercriminals around the world pay to use the group's software to conduct their own attacks.
In exchange, LockBit gets a percentage of the ransom.
LockBit has been around since at least 2019, and in 2022, it was the most prolific ransomware service in the world, the Treasury said.
In just a few years of operation, LockBit has racked up over 2,000 victims and collected more than $120 million in ransom funds, according to the Justice Department.
LockBit has indiscriminately targeted all kinds of organizations, including hospitals, banks, schools, and many government agencies, according to the Cybersecurity and Infrastructure Security Agency.
Its recent targets include Boeing, the UK's National Health Service and Royal Mail, and the state-owned Industrial and Commercial Bank of China, Business Insider previously reported.
LockBit first hacked into Fulton County's computer systems on January 27.
But it's not clear exactly how much money LockBit is asking for and the group may not even have documents that aren't already publicly available, BI previously reported.
A years-long international police effort involving the FBI and the UK's National Crime Agency ultimately seized 34 of LockBit's servers and shut down its website on February 20.
But by the end of the week, LockBit was back, renewing its ransom demands and pushing the deadline to Thursday.
And the stakes could be high — if you take LockBit's word for it. The group said in a post on Saturday that the stolen documents "contain a lot of interesting things and Donald Trump's court cases that could affect the upcoming US election."