{"id":55749,"date":"2024-04-03T00:00:00","date_gmt":"2024-04-03T00:00:00","guid":{"rendered":"urn:uuid:9d63c448-b12c-56c9-e4cf-d8bcac4ce450"},"modified":"2024-04-03T00:00:00","modified_gmt":"2024-04-03T00:00:00","slug":"unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/","title":{"rendered":"Unveiling the Fallout: Operation Cronos&#8217; Impact on LockBit Following Landmark Disruption"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/new-operation-cronos-cover:Large?qlt=80\"><\/p>\n<div><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/thumbnails\/24\/new-operation-cronos-cover.png\" class=\"ff-og-image-inserted\"><\/div>\n<h3><span class=\"body-subhead-title\">The first 72 hours after LockBit\u2019s disruption<\/span><\/h3>\n<p>In the days following the disruption, the topic was still being widely discussed across underground forums. Members of the forums seemed to appreciate the NCA\u2019s sense of humor, commenting that the law enforcement agency was trying to be \u201clulzy\u201d (internet slang for comical or amusing) in its actions on LockBit\u2019s leak site. The release of information regarding the arrests also instigated further conversation. There was also a consensus that LockBit would simply rebrand and return, similar to what happened with Conti, Royal, Black Basta, and Hive, although as the rest of the week went by, LockBit\u2019s reputation was further damaged.<\/p>\n<p>On one Breachforums thread that discussed the disruption, one member was of the opinion that LockBit deserved the disruption due to the group targeting hospitals. In the initial days following the disruption, the Exploit and XSS forums seemed to be unusually constrained in their discussion of the topic. The discussion about LockBitSupp\u2019s ban status was active, but the overall discussion pertaining to LockBit\u2019s disruption seemed to be less active than in other forums. One reason for this could have been that as two of the more mature forums in operation, the members of Exploit and XSS might have been under instruction to be wary of researchers and law enforcement monitoring their activity following such a high-profile action.<\/p>\n<p>An interesting observation when looking at the fallout from the disruption is that it sparked some self-reflection among other active RaaS groups. Notably, competitor RaaS groups expressed much interest in learning about how LockBit was infiltrated. A Snatch RaaS operator also pointed out on their Telegram channel that they were all at risk. This is a subtle bonus stemming from the disruption operation: the spread of paranoia in the cybercriminal ecosystem. Other groups are now taking a closer look at what they need to do to reduce the risk of infiltration. Anything that makes operating more difficult is a good thing in the fight against ransomware actors.<\/p>\n<p>In a period that fostered paranoia and introspection, it\u2019s no surprise that members of the criminal underground started to question whether LockBitSupp had collaborated with law enforcement or otherwise. Although there were several mentions of LockBitSupp cooperating with the Federal Security Service (FSB), it\u2019s important to note that this is just speculation and not something we can confirm. The claims were probably bolstered by a Chainalysis <a href=\"https:\/\/www.chainalysis.com\/blog\/lockbit-takedown-sanctions-february-2024\/\" target=\"_blank\" rel=\"noopener\">report<\/a> that LockBit group sent donations to a certain \u201cColonel Cassad\u201d in Donetsk.<\/p>\n<p>Although LockBitSupp was guarded when it came to public communication efforts, which is partly due to its being banned on XSS and Exploit, LockBitSupp attempted to preserve the appearance of being in control of the situation. For example, LockBitSupp responded to the law enforcement countdown that would release information about its identity by doubling the reward to US$20 million. This was a clever move on LockBitSupp\u2019s part, as it seemed to garner support in the criminal underground. The apparent defiance might have also been part of a strategic plan to try to persuade affiliates that the operation was not under threat. In some ways, LockBitSupp appears to have resorted to a PR tactic that many of its own victims were forced to enact following ransomware attacks: LockBitSupp publicly projected a position of strength to its customer base while also internally trying to rebuild and get back to business.<\/p>\n<p>In the first 72 hours, many speculated about the extent of the information to be released about LockBitSupp. There was a lot of build-up leading up to it, which was heightened by the NCA using the infamous LockBit countdown to make the announcement. There was also some confusion in the first few days, with people looking for the official LockBitSupp Telegram channel. This was a result of several accounts masquerading as LockBitSupp. Given the curiosity and media attention generated by the disruption, some actors sought to capitalize on the confusion and take advantage of unwitting victims. For example, a Telegram user with the handle \u201cLockbit 3.0\u201d claimed to be a LockBit operator and offered positions for affiliates to join the group for a small fee of US$150.<\/p>\n<h3><span class=\"body-subhead-title\">The first week post-LockBit disruption<\/span><\/h3>\n<p>The much-anticipated leak of information about the threat actor LockBitSupp seemed to have been perceived as anti-climactic in the underground community. Law enforcement\u2019s use of the <a href=\"https:\/\/twitter.com\/3xp0rtblog\/status\/1629941796892491776?s=61&amp;t=Qt9K3gTcC1NFRwvzYQYCWA\" target=\"_blank\" rel=\"noopener\">\u201cTox Cat\u201d emoji<\/a> in its announcement, to imply some level of access that it had to LockBit\u2019s operations, was also seen as further trolling from law enforcement. To add, some felt that the lack of details showed that LockBitSupp had called its bluff. However, it was clear that the vague reference to LockBitSupp\u2019s communication with law enforcement did have the desired effect of seeding doubt among some members. Less than an hour after the release of the message pertaining to LockBitSupp talking with law enforcement, some messages on Telegram mentioned that \u201cThere\u2019s chatter that Lockbit is a snitch.\u201d<\/p>\n<p>There was also speculation that other groups could now become the market leader, with ALPHV being touted to rise to the top. We now know following the <a href=\"https:\/\/thehackernews.com\/2024\/03\/exit-scam-blackcat-ransomware-group.html\" target=\"_blank\" rel=\"noopener\">events surrounding ALPHV<\/a> that this would not be the case.<\/p>\n<p>There was also a discussion about how victim data wasn\u2019t deleted following a payment. It was pointed out that this was no surprise when you consider the value such data would still hold.<\/p>\n<p>As the dust settled following the first few days, there were still a few actors who were focused on how the disruption came about and what its implications were. Some members of the criminal underground undertook their own investigation and began trawling through old posts and dissecting what was said in the past. This further demonstrates the state of paranoia that the disruption instilled.<\/p>\n<p>In a rebuttal to law enforcement\u2019s press release, LockBitSupp announced that it will return with new Onion sites on Feb. 24, 2024 and added <i>fbi.gov<\/i> as the first victim on the new leak site.<\/p>\n<p> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/24\/d\/operation-cronos-aftermath.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our new article provides key highlights and takeaways from Operation Cronos&#8217; disruption of LockBit&#8217;s operations, as well as telemetry details on how LockBit actors operated post-disruption. Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":55750,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9510,9539,9509],"class_list":["post-55749","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-trend-micro-research-articles-news-reports","tag-trend-micro-research-ransomware","tag-trend-micro-research-research"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Unveiling the Fallout: Operation Cronos&#039; Impact on LockBit Following Landmark Disruption 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Unveiling the Fallout: Operation Cronos&#039; Impact on LockBit Following Landmark Disruption 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-03T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/new-operation-cronos-cover:Large?qlt=80\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Unveiling the Fallout: Operation Cronos&#8217; Impact on LockBit Following Landmark Disruption\",\"datePublished\":\"2024-04-03T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/\"},\"wordCount\":1007,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption.png\",\"keywords\":[\"Trend Micro Research : Articles, News, Reports\",\"Trend Micro Research : Ransomware\",\"Trend Micro Research : Research\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/\",\"name\":\"Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption.png\",\"datePublished\":\"2024-04-03T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption.png\",\"width\":976,\"height\":533},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : Articles, News, Reports\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-articles-news-reports\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Unveiling the Fallout: Operation Cronos&#8217; Impact on LockBit Following Landmark Disruption\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/","og_locale":"en_US","og_type":"article","og_title":"Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-04-03T00:00:00+00:00","og_image":[{"url":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/new-operation-cronos-cover:Large?qlt=80","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Unveiling the Fallout: Operation Cronos&#8217; Impact on LockBit Following Landmark Disruption","datePublished":"2024-04-03T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/"},"wordCount":1007,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption.png","keywords":["Trend Micro Research : Articles, News, Reports","Trend Micro Research : Ransomware","Trend Micro Research : Research"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/","url":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/","name":"Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption.png","datePublished":"2024-04-03T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption.png","width":976,"height":533},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/unveiling-the-fallout-operation-cronos-impact-on-lockbit-following-landmark-disruption\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : Articles, News, Reports","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-articles-news-reports\/"},{"@type":"ListItem","position":3,"name":"Unveiling the Fallout: Operation Cronos&#8217; Impact on LockBit Following Landmark Disruption"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55749","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55749"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55749\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/55750"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55749"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55749"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55749"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}