A global effort involving authorities from multiple countries has successfully taken down LockBit, a ransomware gang labeled as highly active by investigators. The U.S. Department of Justice has unveiled an indictment against two individuals from Russia, Artur Sungatov and Ivan Kondratyev, for their involvement in carrying out cyberattacks on American businesses. Sungatov reportedly targeted manufacturers, insurance companies, and other businesses in at least six states starting in January 2021. The U.S. Attorney General Merrick Garland stated that today, law enforcement from the U.S. and U.K. are shutting down their criminal operation. Furthermore, we have taken an additional measure by acquiring keys from the confiscated LockBit infrastructure in order to assist victims in decrypting their compromised systems and recovering their data. The sooner individuals report, the faster law enforcement can evaluate new techniques and minimize the harm they may inflict. The question is, what was LockBit? LockBit, which emerged in the beginning of 2020, utilizes ransomware to encrypt files of victims and restricts their access to networks until a ransom is paid, typically in cryptocurrency. As outlined in the DOJ’s indictment, payments were usually requested in Bitcoin. LockBit, similar to other ransomware groups, had a main team of developers who designed malware tools and managed the operation’s infrastructure. They also enlisted affiliates to infect targets in return for a share of the profits. LockBit’s creators operated a dashboard that allowed partners to initiate attacks easily. By 2022, LockBit had surpassed all other ransomware types to become the most commonly used globally, as reported by Europol.