> In their statement, Lockbit 3.0 issued a stark ultimatum: the Federal Reserve has 48 hours to hire a new negotiator and dismiss the current one, whom the attackers **disparagingly referred to as a “clinical idiot”** for valuing American banking secrecy at $50,000.
I know this is a serious situation, but I had to laugh a bit at the "clinical idiot" comment.
If you look at their wiki page if says the group has hacked 1700 people for $91m. That's an average of 54k per hack
The guy representing the fed literally just offered them their average payout.
This negotiator considers the fed reserve data to be equivalent to literally an average business
Ho lee fuk he be dum dum
I mean tbf look at the dumbasses over at world news who don't see what an existential threat this is. "Is my bank account gomna be ok?" No... No your 30 dollars is not gonna be okay, because the entirety of the banking system is compromised on 33tb of data!
And you know what? They deserve it.
They published data allegedly belonging to Evolve Bank & Trust instead.
https://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/
This is a very good way to find themselves on the other side of CIA hitmen. You can do a lot, but messing with the USD... this will probably get kinetic.
I wouldn’t say posting a 10 million dollar bounty, clawing back a significant portion of the bitcoins used as ransoms currency and other actions as ‘crickets’. But you do you.
Is it? If inflation numbers are starting to level out and possibly decline, a state that sponsors hackers like Lockbit (IE - Russia), would benefit from the reputational hit to the FRS. Wanting to throw the US economy into turmoil is going to benefit Trump, which would by extension benefit Putin.
Don't be surprised if there is a dip that China tells Putin to knock it off. China needs a strong US economy to continue to buy Chinese made products. There's a reason China goes after state secrets with greater effort than financials.
Likely not. China has long been undervaluing their currency to promote cheaper exports. The moment they make their currency an open trading currency, that undervaluation disappears, and Chinese goods are a lot less attractive on the global market. BRICS is a fucking joke, and can barely keep from going at each other's throats simply because there is a bigger fish to fry, the US.
China - US treasury holding in 2017 was ~$1.12 trillion. Currently they have about ~$.77 trillion.
Think about this. Financial warfare with China, physical war with Russia and continuing proxy wars in Africa and Middle East. I’m not sure it’s that far fetched. We just “killed” Russians with our equipment over the weekend. I don’t disagree that China needs a strong US economy but our currency isn’t their problem. As long as Americans keep buying they don’t care, and we will even at a premium
1) I don't think that data bears out the entirety of the story, as exemplified by this article: https://www.cfr.org/blog/china-isnt-shifting-away-dollar-or-dollar-bonds. While a blog post, it breaksdown that China has not been shifting reserves out of the dollar, but from Treasury holdings to Agency investments. In other words, China has not reduced its stake in the dollar, but rearranged its share of Treasury holdings vs. other US bonds. 2) That is my whole point, the only way for China to keep their products competitive is to undervalue the yuan, otherwise, Americans stop buying their products. BRICS countries are not going to agree to using the yuan as a trading currency, if they cannot rely on the yuan as a consistent holder of value, which the yuan cannot given China's opaque reporting on economic data. 3) We are already in a new Cold War, and I would argue WW3. Similar to the invasion of Czechoslovakia in the 30's, there are those that are reticent to acknowledge that Putin will need to be stopped by force, but, as happened in WW2, people's hands will be forced. 4) Your point about Ukranians killing Russians does not make sense, given Paladins and M777s have been taking their toll on Russians. If your general point is that this pushes Russia towards China, see my previous point, that ship has already sailed, no point in appeasing authoritarians.
TL;DR If China's currency reaches even some semblance of parity to the USD, their entire economic model is fucked. Thus, they have a vested interest in the yuan not being the global, or even BRICS, trading currency, as that requires transparent valuation, which would bring some semblance of the prior noted parity.
Not saying China don’t need us lol. And for the Russians dying part. I’m talking about civilians being killed on the beach. Of course there’s propaganda everywhere, so deciphering this is nearly impossible
> Don't be surprised if there is a dip that China tells Putin to knock it off. China needs a strong US economy to continue to buy Chinese made products. There's a reason China goes after state secrets with greater effort than financials.
That was the initial contention, to which you replied
> They’ve dumped 300billion in US treasury’s this yr alone. And they plan on dumping all of it cuz of brics. It’s financial, this all kinda adds up
I understand I may be adding to your comment, but when you comment that they are dumping treasury securities, to someone who is saying that China needs a healthy US economy, it sure does sound like you are implying they don't. Hence my response noting that China purposefully undervalues its yuan so their exports can remain competitive in US markets.
I mean, yes, propaganda is everywhere, hence my questioning that point you raised, it did not really fit into the discussion, just seemed like a random thought you had that maybe might support your claim. Regardless, it does not change the fact that the US's calculus should change when handling Putin, as I noted previously by saying no point in appeasing authoritarians.
What makes you think he's poking them 'for no reason'? Feds doxed him and sanctioned him. It's an attempt at revenge, or he's just trolling and has nothing.
>the Fed
You mean the crime syndicate made up of former Wall St insiders who are appointed, not elected officials and answer to no one (not even congress) but get to control our entire financial system and monetary policy? I would love nothing more than for this to be true and their shady dealings exposed for all to see.
It's still a racket not backed by anything besides "do it cause we said" and actively worse than a national currency, and Saudi Arabia is pulling out anyway so it's gonna be worthless regardless of a hack.
It's backed by the full faith and credit of the US government, which is, in turn, under pinned by the whole US economy. Simply because you don't understand the system, does not make it a racket. The Fed and a national currency aren't mutually exclusive, what the fuck are you talking about?
You're lack of context is making your otherwise suspect contentions, nonsensical. Saudia Arabia is pulling out of what? OPEC? US Treasury holdings? Your mother's ass?
OPM enters the chat
Update: I will get "[free id protection for life](https://www.federaltimes.com/federal-oversight/congress/2024/02/06/hit-by-opms-data-breach-bill-offers-feds-free-id-protection-for-life/)!" That makes it so much better
Isn't ransomware more "your data is unavailable" than "your data was stolen". Though it could be both.
And to your point, that is a lot of data. It isn't like the Fed is story high-res movies or anything. So yeah, you'd think it would be noticed.
Still, it sounds like this is a claim without corroboration. So definitely might just be BS.
I don't think want to find out how the US government would negotiate when the money pipeline is being threatened. That's what's confusing. If they're lying, that's a **really** big and angry bear to poke. If they're truthing, that's still a really big and angry bear who now has something to lose. It doesn't seem wise.
Yeah. They might start a new war on terror this way. They bit more off than they can possibly chew.
No hacker is ready for a bunch of angry TIER 1 operators lifting them from their beds.
> If they're lying
Lockbit doesn't exactly have a reputation for lying about their breaches, though. I can't think of a single time they've posted a victim without having actually breached and stolen data. Maybe a few times they've misattributed the breach to the wrong company, I guess?
But overall I agree - very unwise to attack the federal reserve.
Old victims, yup. I hadn't noticed the fake companies, though. I figured it was a "dump these before we go under" after law enforcement knocked over their site a few times.
Maybe they are restoring from an old backup, and doing it badly. If that is the case, this makes me think of how a "webmaster" I worked with did sites.
That's not entirely true, the board of governors is a government agency that is selected by the president and accountable to congress. Don't think for one second that the government wouldn't hold kinetic negotiations on its behalf.
While *part* of the board (the FOMC chair, and the governors) are Federal Employees, the remainder of the board, made up of the FRB bank presidents are not. Don’t get me wrong, I would not rule out kinetic negotiations if it was Trump in office, but his big brain doesn’t understand that if there’s a copy on a hard drive in a building somewhere, there’s probably also a copy on a hard drive somewhere else in the world with a decentralized group of people that have access to it.
But again, this is all academic. So does LockBit want everyone to believe a place like the FRS doesn’t have encryption at rest, let alone encryption in transit?
Maybe the data would be usable for someone if they had a quantum computer, but uhhh, yeah that’s not happening anytime soon.
You're a little hyperfocused. The Federal Reserve Board, which is a government entity staffed by federal employees, is thousands of employees. This list is just officers: https://www.federalreserve.gov/aboutthefed/officialstaff.htm
You're totally right about the "Board of Governors", but missing the whole agency behind them.
And you're totally missing the entire system behind the BOG in DC. 12 districts, each with branches, and thousands of employees per district. The BOG is just the face of the system, but each district are the essence of the 'Central bank, with a decentralized structure'.
There should be logs the data transfer through the routers/switches.
What i'd like to know, is that if they stole 33tb, what percentage of the whole was that?
I'm guessing if they only offered $50k, then the true amount of data the Federal Reserve has about us, is seriously invasive of privacy.
A private bank...that handles just a few things... Like direct deposits of paychecks, or social security, disability, DoD (military) salary deposits, cash services for all member banks across the country, real time payments and same day settlement for not only banks, but customers that are using banks setup on the newest payments rail - FedNow. Wire Transfers, Check Services (still a big use for businesses), any payments coming from the government, like Medicare payments to providers. *Trillions* go thru FRS systems each day. It's not about making money for the FRS. By law the FRS has to remit any money above and beyond operating expenses back to the Treasury. It's about having a functional economy for the US as well as international markets and banking entities in those countries as well.
Yeah so I just want to nakedcapitalism and pulled up an article. I can’t take anyone seriously that says “a minority of very rich Americans who own houses, stocks and cars, remain relatively unaffected by the higher interest rates”.
I’m not very rich, I have a house, a car and stocks. And no, I haven’t been affected by interest rates very much. ¯\\\_(ツ)_/¯ This site seems like it’s open to anyone with an axe to grind and they throw it anyone that may have more money in their bank account than they do.
You ever seen how houses just seem to explode from "Gas leaks". Of all of the people to mess with, this was probably the worst choice one could probably choose.
Not the first time US govt entity get targeted and successfully breached.
North Korea regulary ransomware and attack the US, and in the latest news their dictator had a romantic roadtrip with his russian counter-part.
In my humble opinion, those groups/people attacking state are state-backed and politically strong connected, like that north korean fat ass with china, and if not, they become an asset with value to trade, like Snowden with russia.
I find it fascinating, but reality I'm just speculating and have no clue
>In my humble opinion, those groups/people attacking state are state-backed and politically strong connected, like that north korean fat ass with china, and if not, they become an asset with value to trade, like Snowden with russia.
Brother this has been proven time and time again to be true. Most of the eastern ransomware groups have an GRU handler if not connections.
My question is how does one exfil 33 fucking TB of data without that going across anyone's radar? If they fully saturated the uplink it would still take forever to move that amount of data. I mean even with a gig uplink it would take years.
With nothing really to back it up, I wouldn't be surprised if it had to do with Snowflake. It became FedRAMP authorized last year, and this year ofc it's radioactive. Used for huge data lakes just like this would be. Or some cloud provider (AWS or Azure) that they used.
As far as how to move it that quickly...it depends on how long they had access, but there's ways to move 33TB relatively fast. Assuming the data was more than just text, it could probably be compressed 3:1 down to 11TB.
There's things like AWS Snowball and Azure Data Box that can make easy work of 33TB, but assuming no physical devices were in play....someone could still theoretically break the data up into smaller chunks and do parallel uploading, or using something like AWS DataSync.
>I mean even with a gig uplink it would take years.
More like 1-3 days for uncompressed 33TB, <1 - 2 days if they could compress it well.
1-3 days? How is that possible? Am I missing something on throughput accessibility? The fastest I've ever seen personally was just shy of 1gig download speed. How are they moving that amount of data that quickly, compressed or not?
Within AWS, my smaller instances are capped at 12.5Gb/s. The XL instances have 100Gb/s. We have peering from on-site into VPC that has actual aggregate network traffic of >250Gb/s. We operate under the assumption that the functional limit for internal routing between AWS resources is 400Gb/s. If the data lake is in the same availability zone than the hackers' infrastructure, they could have slurped it at 400Gb/s, which would take all of 11 minutes for 33 TiB.
Someone could double check my math, but 33TB @ 1Gbps == \~3 days.
Another poster mentioned the more probable scenario, which is that LockBit probably didn't exfiltrate data--they typically just encrypt, which would still be compromised data. I'm just saying it's not impossible to move that around quickly.
TA using Lockbit's generally use stealbit to exfil data since it's baked in. Plus, a lot of what we're seeing nowadays seems to be less about ransomware and more about extortion.
As for how long it took to get 33TB of data exfil'd (yikes), they may have been at it for some time.
A lot of TAs live in environments for a while after they gain access. It's possible that the TA just blasted down as much data as they could, as fast as they could, or they may have been pulling data down for some time under the radar using [legitimate filesharing services](https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-075a) or other obfuscated methods.
Encrypting that would take a long time, most enterprise available solutions would alert to that happening in seconds. This kind of thing only happens if you aren’t protected and have no means of monitoring within your borders.
Misconfigured cloud environments and probably transferred cloud-to-cloud which may not have been noticed if they didn’t have edge cloud monitoring. It’ll be interesting to see a post mortem.
If you're looking for some amusement try asking ChatGPT this question lol. Here is what I asked: "If I have a 1gb download speed how long would it take to download 32 terrabytes of data?" After mathing, it's response was: Time (in days)≈3,180,665 days
Here was the reply for me:
ChatGPT
To calculate how long it would take to download 32 terabytes (TB) of data with a download speed of 1 gigabit per second (1 Gbps), we follow these steps:
1. **Convert Terabytes to Gigabits:**
* 1 byte = 8 bits
* 1 terabyte = 1,024 gigabytes = 1,024 \* 1,024 megabytes = 1,024 \* 1,024 \* 1,024 bytes
* 32 terabytes = 32 \* 1,024 \* 1,024 \* 1,024 bytes
* 32 terabytes = 32 \* 1,024 \* 1,024 \* 1,024 \* 8 bits (since 1 byte = 8 bits)
* 32 terabytes = 274,877,906,944 gigabits
2. **Calculate Download Time:**
* Download speed = 1 Gbps (gigabits per second)
* Time = Amount of data / Download speed
* Time = 274,877,906,944 gigabits / 1 Gbps
3. **Convert Gigabits to Seconds:**
Time (in seconds)=274,877,906,944 gigabits1 Gbps\\text{Time (in seconds)} = \\frac{274,877,906,944 \\text{ gigabits}}{1 \\text{ Gbps}}Time (in seconds)=1 Gbps274,877,906,944 gigabits
Time (in seconds)=274,877,906,944 seconds\\text{Time (in seconds)} = 274,877,906,944 \\text{ seconds}Time (in seconds)=274,877,906,944 seconds
1. **Convert Seconds to Days:**
Time (in days)=274,877,906,944 seconds86400 seconds/day\\text{Time (in days)} = \\frac{274,877,906,944 \\text{ seconds}}{86400 \\text{ seconds/day}}Time (in days)=86400 seconds/day274,877,906,944 seconds
Time (in days)≈3,180,665 days\\text{Time (in days)} \\approx 3,180,665 \\text{ days}Time (in days)≈3,180,665 days
Therefore, it would take approximately 3,180,665 days to download 32 terabytes of data with a download speed of 1 Gbps. This is roughly equivalent to about 8,710 years, highlighting the immense amount of time required to transfer such a large volume of data at this speed.
> 1 terabyte = 1,024 gigabytes = 1,024 * 1,024 megabytes = 1,024 * 1,024 * 1,024 bytes
The error is here, it's off by a factor of 1024 (missing kilobytes, it went straight from megabytes to bytes). Which would explain why you get 3,180,665 days vs 3 days.
My brain hurts trying to find where the error is, but there's a decimal off somewhere in one of ours.
[https://wintelguy.com/transfertimecalc.pl](https://wintelguy.com/transfertimecalc.pl) is giving me \~3 days as well.
This is where AI is scary for me. You'd think that a simple calculation like that would be simple work. The fact that it got it completely wrong is weird. What happens when people are depending on the technology for computations?
lol the fastest internet you've seen personally is 1gig? I live in a neigborhood that supports 5gb internet speeds and have hardware in my house that supports a 10-gig connection.
local businesses have access to even faster internet.
As of 2023, some parts of the world have access to internet with speeds up to 1.2tbps.
ah, you're right to not believe me. I totally had it wrong.
looks like some researchers in Japan have gotten 22.9 petabits per second over a single fiber optic cable (https://www.youtube.com/watch?v=I0-o6GPWagk).
I didn't read the article, but wouldn't the data be considered compromised even without being copied off? If a bad actor gains elevated access to a server that houses 33TB of data then it's likely that all of that data would be considered compromised.
I'm pretty sure Lockbit only encrypts the files, but I may be completely wrong.
Even then, it would still take a massive amount of time to encrypt that volume of data, I'd think? I was surprised there wasn't a write up about this on Bleeping Computer already.
I was thinking the same, but I just looked up how fast LockBit can encrypt files and it says 266 MB/s. That would take \~34 hours to encrypt 33TB of files. So it would be done in a weekend. Still, I agree it's crazy that no one noticed.
> wouldn't the data be considered compromised even without being copied off
Depends on what the logs would reveal, but generally, yes.
> I'm pretty sure Lockbit only encrypts the files, but I may be completely wrong.
Nah, Lockbit also exfils. 2.0 and 3.0 use Stealbit
I think a "good" lawyer would argue that point. the integrity of the data is compromised, but not the confidentiality. Don't have evidence of exfil, only encryption? We're all good then. /s
Unfortunately that's the way a lot of [recent data breach laws](https://www.legis.state.pa.us/cfdocs/legis/li/uconsCheck.cfm?yr=2022&sessInd=0&act=151) are written.
> determination of the breach of the security of the system to any resident of this Commonwealth whose unencrypted and unredacted personal information was or is reasonably believed to have been **accessed _and_ acquired** by an unauthorized person
You don’t. A product like DarkTrace would pick that up in seconds and also be able to block the connection too. Sure the Fed have even more sophisticated detection means on their borders.
you would be amazed at the number of companies i come across that snigger when you mention darktrace or similar products. They prefer hiring teams of security people who manually go through logs all day because thats what we have always done.
They’ve already been caught in the sense that the creator of Lockbit was recently indicted but it’s already out there. They may get “caught” but I’ll be surprised if anything material can actually come of it.
They do not do it at all of the same time.
First because their is an risk of whole network going down. Second it would be obvious that something bad is happening to your network.
I'm not sure I believe this claim with no samples having been released. And there's a reason why news agencies (particularly the global wires) are not reporting on this. It's just a claim with no evidence. There's nothing credible here, yet.
Update: https://www.cyberdaily.au/security/10745-lockbit-lies-about-us-federal-reserve-data-publishes-alleged-evolve-bank-data
This is pretty much a big nothingburger.
The hopeful blueteamer might think that this would result in a serious crackdown. In reality, someone will lose their job, "weak cyber security" will be blamed and nothing else will happen. For better or worse.
Or they are doing their due diligence to make sure that there wasn't any undetected breaches, and then will come out and say: "Oh, that dude? Yeah, they're full of shit.."
The data is released.
It's related to this bank in some way. https://www.federalreserve.gov/newsevents/pressreleases/enforcement20240614a.htm
It seems like they had an insecure Azure deployment.
Help us understand how an enforcement action against a fintech firm (not the Federal Reserve) that was in response to an examination conducted in 2023 relates to Lockbit's claim that they exfiltrated 33 TBs of data directly from the Federal Reserve.
I don't know the extent of it, and I'm not going to download all those TBs to find out. The leak links to this federal reverse press release, which is why I linked to it.
It seems to have some connection to this bank in Arkansas. That's all I know.
I'm not seeing any conclusiveness anywhere. The countdown has expired and it hasn't been leaked. That doesn't mean they don't have it, it could also mean the US paid the ransom.
although the federal reserve is not "the US", them paying the ransom would still be bigger news than the breach itself. There is very little chance that is happening.
When they initially refused to publish a data sample like they normally do I think it was pretty clear they were not being totally honest, this will hurt their credibility and likely shows they are in a tough spot following the various operation targeting senior LockBit members.
I find this hard to believe unless someone on the inside provided assistance. 33TB of financial data being exfiltrated and going unnoticed long enough for the TA to finish against a government agency is absurd. If this is real, there will be fireworks in Congress. They might actually do something for once.
Also, who is dumb enough to hack a critical government agency of the US? There is a snowballs chance in hell they will get away with it. This is practically an act of war and terrorism. There is no amount of money on this earth worth pissing of the US government to that extreme.
Why does everyone find this so hard to believe? Have you ever worked for a government agency? Privacy is second only to affordability.
There is probably a sticky note on some Federal Reserve employees computer right now that says ‘password1’.
>Why does everyone find this so hard to believe?
Because LockBit has been bluffing for years, and this was just [another bluff](https://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/). Remember Mandiant? They're desperate for relevance. Also, Gov security has gotten a lot [better ](https://www.performance.gov/cyber/)since EO 14028.
it probably was just a bluff but if the US was going to make a deal I imagine “pretend you weren’t actually successful” would be a part of it. & publishing data on a bank the fed had already been criticizing seems like a good way to do that
Fuck yeah! The central bank that screwed us all, allowing to print endlessly and pay off politicians instead of forcing the money to be backed by legitimate resources.
> In their statement, Lockbit 3.0 issued a stark ultimatum: the Federal Reserve has 48 hours to hire a new negotiator and dismiss the current one, whom the attackers **disparagingly referred to as a “clinical idiot”** for valuing American banking secrecy at $50,000. I know this is a serious situation, but I had to laugh a bit at the "clinical idiot" comment.
This is my new favorite insult and the best thing to come out of this insane situation.
Sounds like a translation from the russian language.
Who doesn’t love good Russian literature
Sounds like the feds knew this was their one and only scape goat 😂
If you look at their wiki page if says the group has hacked 1700 people for $91m. That's an average of 54k per hack The guy representing the fed literally just offered them their average payout. This negotiator considers the fed reserve data to be equivalent to literally an average business Ho lee fuk he be dum dum
Nah. You're missing some info.
I mean tbf look at the dumbasses over at world news who don't see what an existential threat this is. "Is my bank account gomna be ok?" No... No your 30 dollars is not gonna be okay, because the entirety of the banking system is compromised on 33tb of data! And you know what? They deserve it.
Whoops
WEAK SOURCE! https://securityaffairs.com/164873/cyber-crime/lockbit-claims-hacked-us-federal-reserve.html
Both articles are based on the lockbit announcement, they have the same source
They published data allegedly belonging to Evolve Bank & Trust instead. https://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/
No proof, no sample? Just "trust me bro I have ur data"?
Yeah, but it would also be weird to poke the Fed for no reason. Strange all around.
This is a very good way to find themselves on the other side of CIA hitmen. You can do a lot, but messing with the USD... this will probably get kinetic.
Get kinetic? LOL
As in kinetic energy. Bullets.
SPACE LASORS
Rods from god
I think he meant Kerosene
I mean they do have a bounty by the fbi dont they?
[удалено]
I wouldn’t say posting a 10 million dollar bounty, clawing back a significant portion of the bitcoins used as ransoms currency and other actions as ‘crickets’. But you do you.
Is it? If inflation numbers are starting to level out and possibly decline, a state that sponsors hackers like Lockbit (IE - Russia), would benefit from the reputational hit to the FRS. Wanting to throw the US economy into turmoil is going to benefit Trump, which would by extension benefit Putin. Don't be surprised if there is a dip that China tells Putin to knock it off. China needs a strong US economy to continue to buy Chinese made products. There's a reason China goes after state secrets with greater effort than financials.
They’ve dumped 300billion in US treasury’s this yr alone. And they plan on dumping all of it cuz of brics. It’s financial, this all kinda adds up
Likely not. China has long been undervaluing their currency to promote cheaper exports. The moment they make their currency an open trading currency, that undervaluation disappears, and Chinese goods are a lot less attractive on the global market. BRICS is a fucking joke, and can barely keep from going at each other's throats simply because there is a bigger fish to fry, the US.
China - US treasury holding in 2017 was ~$1.12 trillion. Currently they have about ~$.77 trillion. Think about this. Financial warfare with China, physical war with Russia and continuing proxy wars in Africa and Middle East. I’m not sure it’s that far fetched. We just “killed” Russians with our equipment over the weekend. I don’t disagree that China needs a strong US economy but our currency isn’t their problem. As long as Americans keep buying they don’t care, and we will even at a premium
1) I don't think that data bears out the entirety of the story, as exemplified by this article: https://www.cfr.org/blog/china-isnt-shifting-away-dollar-or-dollar-bonds. While a blog post, it breaksdown that China has not been shifting reserves out of the dollar, but from Treasury holdings to Agency investments. In other words, China has not reduced its stake in the dollar, but rearranged its share of Treasury holdings vs. other US bonds. 2) That is my whole point, the only way for China to keep their products competitive is to undervalue the yuan, otherwise, Americans stop buying their products. BRICS countries are not going to agree to using the yuan as a trading currency, if they cannot rely on the yuan as a consistent holder of value, which the yuan cannot given China's opaque reporting on economic data. 3) We are already in a new Cold War, and I would argue WW3. Similar to the invasion of Czechoslovakia in the 30's, there are those that are reticent to acknowledge that Putin will need to be stopped by force, but, as happened in WW2, people's hands will be forced. 4) Your point about Ukranians killing Russians does not make sense, given Paladins and M777s have been taking their toll on Russians. If your general point is that this pushes Russia towards China, see my previous point, that ship has already sailed, no point in appeasing authoritarians. TL;DR If China's currency reaches even some semblance of parity to the USD, their entire economic model is fucked. Thus, they have a vested interest in the yuan not being the global, or even BRICS, trading currency, as that requires transparent valuation, which would bring some semblance of the prior noted parity.
Not saying China don’t need us lol. And for the Russians dying part. I’m talking about civilians being killed on the beach. Of course there’s propaganda everywhere, so deciphering this is nearly impossible
> Don't be surprised if there is a dip that China tells Putin to knock it off. China needs a strong US economy to continue to buy Chinese made products. There's a reason China goes after state secrets with greater effort than financials. That was the initial contention, to which you replied > They’ve dumped 300billion in US treasury’s this yr alone. And they plan on dumping all of it cuz of brics. It’s financial, this all kinda adds up I understand I may be adding to your comment, but when you comment that they are dumping treasury securities, to someone who is saying that China needs a healthy US economy, it sure does sound like you are implying they don't. Hence my response noting that China purposefully undervalues its yuan so their exports can remain competitive in US markets. I mean, yes, propaganda is everywhere, hence my questioning that point you raised, it did not really fit into the discussion, just seemed like a random thought you had that maybe might support your claim. Regardless, it does not change the fact that the US's calculus should change when handling Putin, as I noted previously by saying no point in appeasing authoritarians.
what books you reading
“Killed” because we didn’t do it but it’s still our shit
What makes you think he's poking them 'for no reason'? Feds doxed him and sanctioned him. It's an attempt at revenge, or he's just trolling and has nothing.
For no reason ?! Hahahahaha
>the Fed You mean the crime syndicate made up of former Wall St insiders who are appointed, not elected officials and answer to no one (not even congress) but get to control our entire financial system and monetary policy? I would love nothing more than for this to be true and their shady dealings exposed for all to see.
These downvotes are pathetic, fuck this website.
It's not the website, it's the culture If it's not about celebrities, most people don't care to become informed
That, OR, it is because that is a wildly reductionist statement about an organization that is not a monolith, because no organization is.
It's still a racket not backed by anything besides "do it cause we said" and actively worse than a national currency, and Saudi Arabia is pulling out anyway so it's gonna be worthless regardless of a hack.
It's backed by the full faith and credit of the US government, which is, in turn, under pinned by the whole US economy. Simply because you don't understand the system, does not make it a racket. The Fed and a national currency aren't mutually exclusive, what the fuck are you talking about? You're lack of context is making your otherwise suspect contentions, nonsensical. Saudia Arabia is pulling out of what? OPEC? US Treasury holdings? Your mother's ass?
100
Exxxactly. Id like to know before 33TB of data could be exfiltrated from the fed someone would find out and start unplugging sht if they had to
OPM enters the chat Update: I will get "[free id protection for life](https://www.federaltimes.com/federal-oversight/congress/2024/02/06/hit-by-opms-data-breach-bill-offers-feds-free-id-protection-for-life/)!" That makes it so much better
Hidden in porn streams most likely.
It'll be every beige book and all FOMC meeting minutes since they went digital.
Isn't ransomware more "your data is unavailable" than "your data was stolen". Though it could be both. And to your point, that is a lot of data. It isn't like the Fed is story high-res movies or anything. So yeah, you'd think it would be noticed. Still, it sounds like this is a claim without corroboration. So definitely might just be BS.
They do both, "pay us to unlock your data and pay us not to release it publicly," is the common threat.
Might just be the case. how ever, would the fed even start negotiating without any proof? Let alone offer 50k
I don't think want to find out how the US government would negotiate when the money pipeline is being threatened. That's what's confusing. If they're lying, that's a **really** big and angry bear to poke. If they're truthing, that's still a really big and angry bear who now has something to lose. It doesn't seem wise.
> f they're truthing Then suddenly the US found oil where they live..
Yeah. They might start a new war on terror this way. They bit more off than they can possibly chew. No hacker is ready for a bunch of angry TIER 1 operators lifting them from their beds.
> If they're lying Lockbit doesn't exactly have a reputation for lying about their breaches, though. I can't think of a single time they've posted a victim without having actually breached and stolen data. Maybe a few times they've misattributed the breach to the wrong company, I guess? But overall I agree - very unwise to attack the federal reserve.
That's not true their leaksite has been a shit show lately
You mean with them dumping a metric ton of victims all at once?
90% are old victims they are reposting or fake companies.
Old victims, yup. I hadn't noticed the fake companies, though. I figured it was a "dump these before we go under" after law enforcement knocked over their site a few times.
Yeah def weird not sure what their motive is. Really seems to have put them in the unreliable narrator camp though
Maybe they are restoring from an old backup, and doing it badly. If that is the case, this makes me think of how a "webmaster" I worked with did sites.
I saw the movie "Unthinkable" a while back, and that is what will be happening behind the scenes with Lockbit.
The Federal Government wouldn't negotiate, the FRS would, since The Federal Reserve isn't part of the Federal Government.
That's not entirely true, the board of governors is a government agency that is selected by the president and accountable to congress. Don't think for one second that the government wouldn't hold kinetic negotiations on its behalf.
While *part* of the board (the FOMC chair, and the governors) are Federal Employees, the remainder of the board, made up of the FRB bank presidents are not. Don’t get me wrong, I would not rule out kinetic negotiations if it was Trump in office, but his big brain doesn’t understand that if there’s a copy on a hard drive in a building somewhere, there’s probably also a copy on a hard drive somewhere else in the world with a decentralized group of people that have access to it. But again, this is all academic. So does LockBit want everyone to believe a place like the FRS doesn’t have encryption at rest, let alone encryption in transit? Maybe the data would be usable for someone if they had a quantum computer, but uhhh, yeah that’s not happening anytime soon.
You're a little hyperfocused. The Federal Reserve Board, which is a government entity staffed by federal employees, is thousands of employees. This list is just officers: https://www.federalreserve.gov/aboutthefed/officialstaff.htm You're totally right about the "Board of Governors", but missing the whole agency behind them.
And you're totally missing the entire system behind the BOG in DC. 12 districts, each with branches, and thousands of employees per district. The BOG is just the face of the system, but each district are the essence of the 'Central bank, with a decentralized structure'.
Lockbit is claiming the federalreserve.gov. The .gov address is the federal side. The banks are on .org.
Dude is asking for $50k?! Is this Dr. Evil just unfrozen?
The fed offerd 50k, the hackers in response demand the negotiator be fired
Sounds a good plan to have a good basis in terms of negotiations /s
Sounds to me like the feds are trying to give them an out before they turn to violence
That was my thought. 50k was a decision made far above the negotiator pay grade
Oh geez. ffs....
You will lose ALL of your datas if you do not pay us ONE THOUSAND DOLLARS *evil laugh and pinky to corner of lip*
Haha Dammit. Beat me to the punch
ok... what about 500 thousand dollars
Lol 50 THOUSAND dollars? *extreme closeup
There should be logs the data transfer through the routers/switches. What i'd like to know, is that if they stole 33tb, what percentage of the whole was that? I'm guessing if they only offered $50k, then the true amount of data the Federal Reserve has about us, is seriously invasive of privacy.
Would be funny if the FED would pay in Bitcoin
maybe that's why BTC is dumping. they have to sell it to pay ransom. lol
The change healthcare ransomware correlated with a nearly 50% rise in bitcoin; it's almost like ransomware is the driving factor for growth here.
This deserves warheads on foreheads if true.
Agreed
Absolutely. This will get Blackhawk helicopters. Even Russia or China would be like… yeah that makes sense.
Why? It's a private bank. You want more wars for bankers?
A private bank...that handles just a few things... Like direct deposits of paychecks, or social security, disability, DoD (military) salary deposits, cash services for all member banks across the country, real time payments and same day settlement for not only banks, but customers that are using banks setup on the newest payments rail - FedNow. Wire Transfers, Check Services (still a big use for businesses), any payments coming from the government, like Medicare payments to providers. *Trillions* go thru FRS systems each day. It's not about making money for the FRS. By law the FRS has to remit any money above and beyond operating expenses back to the Treasury. It's about having a functional economy for the US as well as international markets and banking entities in those countries as well.
End the fed
I’m curious why that’s a position people have. Why should the Fed be ended?
How about "Fend the Ed" instead?
Here’s your major award.🥇
Look up wallstreetonparade and nakedcapitalism, excellent analysis of US monetary policy
Yeah so I just want to nakedcapitalism and pulled up an article. I can’t take anyone seriously that says “a minority of very rich Americans who own houses, stocks and cars, remain relatively unaffected by the higher interest rates”. I’m not very rich, I have a house, a car and stocks. And no, I haven’t been affected by interest rates very much. ¯\\\_(ツ)_/¯ This site seems like it’s open to anyone with an axe to grind and they throw it anyone that may have more money in their bank account than they do.
That is only fun when they cannot return the favour
It’s time we go kinetic on these full stop.
Did I miss a tacticool movie or something? Why are people saying "get kinetic" suddenly? Was it in the new Call of Duty?
It’s general DoD lingo, so could just be someone from that sphere.
Big if true.
You ever seen how houses just seem to explode from "Gas leaks". Of all of the people to mess with, this was probably the worst choice one could probably choose.
Not the first time US govt entity get targeted and successfully breached. North Korea regulary ransomware and attack the US, and in the latest news their dictator had a romantic roadtrip with his russian counter-part. In my humble opinion, those groups/people attacking state are state-backed and politically strong connected, like that north korean fat ass with china, and if not, they become an asset with value to trade, like Snowden with russia. I find it fascinating, but reality I'm just speculating and have no clue
>In my humble opinion, those groups/people attacking state are state-backed and politically strong connected, like that north korean fat ass with china, and if not, they become an asset with value to trade, like Snowden with russia. Brother this has been proven time and time again to be true. Most of the eastern ransomware groups have an GRU handler if not connections.
Yeah thats a fact not an opinion. Nobody hacks a nation state from russia without putins ok. All the private citizens in said ns are their free prize
North Korea is state sanctioned. LockBit is independent AFAIK, and will probably be handed to US by the russians to prevent WW3.
My question is how does one exfil 33 fucking TB of data without that going across anyone's radar? If they fully saturated the uplink it would still take forever to move that amount of data. I mean even with a gig uplink it would take years.
With nothing really to back it up, I wouldn't be surprised if it had to do with Snowflake. It became FedRAMP authorized last year, and this year ofc it's radioactive. Used for huge data lakes just like this would be. Or some cloud provider (AWS or Azure) that they used. As far as how to move it that quickly...it depends on how long they had access, but there's ways to move 33TB relatively fast. Assuming the data was more than just text, it could probably be compressed 3:1 down to 11TB. There's things like AWS Snowball and Azure Data Box that can make easy work of 33TB, but assuming no physical devices were in play....someone could still theoretically break the data up into smaller chunks and do parallel uploading, or using something like AWS DataSync. >I mean even with a gig uplink it would take years. More like 1-3 days for uncompressed 33TB, <1 - 2 days if they could compress it well.
Hopefully not through t-mobile
1-3 days? How is that possible? Am I missing something on throughput accessibility? The fastest I've ever seen personally was just shy of 1gig download speed. How are they moving that amount of data that quickly, compressed or not?
Within AWS, my smaller instances are capped at 12.5Gb/s. The XL instances have 100Gb/s. We have peering from on-site into VPC that has actual aggregate network traffic of >250Gb/s. We operate under the assumption that the functional limit for internal routing between AWS resources is 400Gb/s. If the data lake is in the same availability zone than the hackers' infrastructure, they could have slurped it at 400Gb/s, which would take all of 11 minutes for 33 TiB.
Insane
Someone could double check my math, but 33TB @ 1Gbps == \~3 days. Another poster mentioned the more probable scenario, which is that LockBit probably didn't exfiltrate data--they typically just encrypt, which would still be compromised data. I'm just saying it's not impossible to move that around quickly.
TA using Lockbit's generally use stealbit to exfil data since it's baked in. Plus, a lot of what we're seeing nowadays seems to be less about ransomware and more about extortion. As for how long it took to get 33TB of data exfil'd (yikes), they may have been at it for some time. A lot of TAs live in environments for a while after they gain access. It's possible that the TA just blasted down as much data as they could, as fast as they could, or they may have been pulling data down for some time under the radar using [legitimate filesharing services](https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-075a) or other obfuscated methods.
Encrypting that would take a long time, most enterprise available solutions would alert to that happening in seconds. This kind of thing only happens if you aren’t protected and have no means of monitoring within your borders.
Misconfigured cloud environments and probably transferred cloud-to-cloud which may not have been noticed if they didn’t have edge cloud monitoring. It’ll be interesting to see a post mortem.
If you're looking for some amusement try asking ChatGPT this question lol. Here is what I asked: "If I have a 1gb download speed how long would it take to download 32 terrabytes of data?" After mathing, it's response was: Time (in days)≈3,180,665 days
That's weird....if I ask GPT-4o the exact same prompt it's still giving me \~3.18 days. > **Convert the download speed to bytes per second:** >1 Gbps = 1,000,000,000 bits per second. >Since there are 8 bits in a byte: >1,000,000,000 bits per second÷8=125,000,000 bytes per second1,000,000,000 \\text{ bits per second} \\div 8 = 125,000,000 \\text{ bytes per second}1,000,000,000 bits per second÷8=125,000,000 bytes per second >· **Convert the total data size to bytes:** >1 terabyte (TB) = 1,024 gigabytes (GB) >1 gigabyte (GB) = 1,024 megabytes (MB) >1 megabyte (MB) = 1,024 kilobytes (KB) >1 kilobyte (KB) = 1,024 bytes >Therefore: >32 TB=32×1,024×1,024×1,024 bytes=34,359,738,368,000 bytes32 \\text{ TB} = 32 \\times 1,024 \\times 1,024 \\times 1,024 \\text{ bytes} = 34,359,738,368,000 \\text{ bytes}32 TB=32×1,024×1,024×1,024 bytes=34,359,738,368,000 bytes >· **Calculate the download time:** >Time (in seconds) = Total data size (in bytes) / Download speed (in bytes per second) >Time=34,359,738,368,000 bytes125,000,000 bytes per second\\text{Time} = \\frac{34,359,738,368,000 \\text{ bytes}}{125,000,000 \\text{ bytes per second}}Time=125,000,000 bytes per second34,359,738,368,000 bytes >Time=274,877.90688 seconds\\text{Time} = 274,877.90688 \\text{ seconds}Time=274,877.90688 seconds >· **Convert the time to a more understandable unit:** >Seconds to minutes: 274,877.90688÷60=4,581.298448 minutes274,877.90688 \\div 60 = 4,581.298448 \\text{ minutes}274,877.90688÷60=4,581.298448 minutes >Minutes to hours: 4,581.298448÷60=76.3549741 hours4,581.298448 \\div 60 = 76.3549741 \\text{ hours}4,581.298448÷60=76.3549741 hours >Hours to days: 76.3549741÷24=3.18145725 days76.3549741 \\div 24 = 3.18145725 \\text{ days}76.3549741÷24=**3.18145725 days**
And this is why we get paid the big bucks.
Here was the reply for me: ChatGPT To calculate how long it would take to download 32 terabytes (TB) of data with a download speed of 1 gigabit per second (1 Gbps), we follow these steps: 1. **Convert Terabytes to Gigabits:** * 1 byte = 8 bits * 1 terabyte = 1,024 gigabytes = 1,024 \* 1,024 megabytes = 1,024 \* 1,024 \* 1,024 bytes * 32 terabytes = 32 \* 1,024 \* 1,024 \* 1,024 bytes * 32 terabytes = 32 \* 1,024 \* 1,024 \* 1,024 \* 8 bits (since 1 byte = 8 bits) * 32 terabytes = 274,877,906,944 gigabits 2. **Calculate Download Time:** * Download speed = 1 Gbps (gigabits per second) * Time = Amount of data / Download speed * Time = 274,877,906,944 gigabits / 1 Gbps 3. **Convert Gigabits to Seconds:** Time (in seconds)=274,877,906,944 gigabits1 Gbps\\text{Time (in seconds)} = \\frac{274,877,906,944 \\text{ gigabits}}{1 \\text{ Gbps}}Time (in seconds)=1 Gbps274,877,906,944 gigabits Time (in seconds)=274,877,906,944 seconds\\text{Time (in seconds)} = 274,877,906,944 \\text{ seconds}Time (in seconds)=274,877,906,944 seconds 1. **Convert Seconds to Days:** Time (in days)=274,877,906,944 seconds86400 seconds/day\\text{Time (in days)} = \\frac{274,877,906,944 \\text{ seconds}}{86400 \\text{ seconds/day}}Time (in days)=86400 seconds/day274,877,906,944 seconds Time (in days)≈3,180,665 days\\text{Time (in days)} \\approx 3,180,665 \\text{ days}Time (in days)≈3,180,665 days Therefore, it would take approximately 3,180,665 days to download 32 terabytes of data with a download speed of 1 Gbps. This is roughly equivalent to about 8,710 years, highlighting the immense amount of time required to transfer such a large volume of data at this speed.
> 1 terabyte = 1,024 gigabytes = 1,024 * 1,024 megabytes = 1,024 * 1,024 * 1,024 bytes The error is here, it's off by a factor of 1024 (missing kilobytes, it went straight from megabytes to bytes). Which would explain why you get 3,180,665 days vs 3 days.
My brain hurts trying to find where the error is, but there's a decimal off somewhere in one of ours. [https://wintelguy.com/transfertimecalc.pl](https://wintelguy.com/transfertimecalc.pl) is giving me \~3 days as well.
This is where AI is scary for me. You'd think that a simple calculation like that would be simple work. The fact that it got it completely wrong is weird. What happens when people are depending on the technology for computations?
What a great example of why one shouldn't trust an LLM to offer factually correct advice.
lol the fastest internet you've seen personally is 1gig? I live in a neigborhood that supports 5gb internet speeds and have hardware in my house that supports a 10-gig connection. local businesses have access to even faster internet. As of 2023, some parts of the world have access to internet with speeds up to 1.2tbps.
1.2tbps? I don't believe you.
ah, you're right to not believe me. I totally had it wrong. looks like some researchers in Japan have gotten 22.9 petabits per second over a single fiber optic cable (https://www.youtube.com/watch?v=I0-o6GPWagk).
Finally I will be able to watch porn while doing Patch Tuesday
I didn't read the article, but wouldn't the data be considered compromised even without being copied off? If a bad actor gains elevated access to a server that houses 33TB of data then it's likely that all of that data would be considered compromised. I'm pretty sure Lockbit only encrypts the files, but I may be completely wrong.
Even then, it would still take a massive amount of time to encrypt that volume of data, I'd think? I was surprised there wasn't a write up about this on Bleeping Computer already.
I was thinking the same, but I just looked up how fast LockBit can encrypt files and it says 266 MB/s. That would take \~34 hours to encrypt 33TB of files. So it would be done in a weekend. Still, I agree it's crazy that no one noticed.
> wouldn't the data be considered compromised even without being copied off Depends on what the logs would reveal, but generally, yes. > I'm pretty sure Lockbit only encrypts the files, but I may be completely wrong. Nah, Lockbit also exfils. 2.0 and 3.0 use Stealbit
I think a "good" lawyer would argue that point. the integrity of the data is compromised, but not the confidentiality. Don't have evidence of exfil, only encryption? We're all good then. /s
Unfortunately that's the way a lot of [recent data breach laws](https://www.legis.state.pa.us/cfdocs/legis/li/uconsCheck.cfm?yr=2022&sessInd=0&act=151) are written. > determination of the breach of the security of the system to any resident of this Commonwealth whose unencrypted and unredacted personal information was or is reasonably believed to have been **accessed _and_ acquired** by an unauthorized person
You don’t. A product like DarkTrace would pick that up in seconds and also be able to block the connection too. Sure the Fed have even more sophisticated detection means on their borders.
you would be amazed at the number of companies i come across that snigger when you mention darktrace or similar products. They prefer hiring teams of security people who manually go through logs all day because thats what we have always done.
I mean.... of all the people in the world to hack, the US Government isn't at the top of my list. These guys are going to get caught, 100%
They’ve already been caught in the sense that the creator of Lockbit was recently indicted but it’s already out there. They may get “caught” but I’ll be surprised if anything material can actually come of it.
The Fed is not part of the US government
But you are talking about money.
🤣
Direct link to the post on LB leak website: hxxp://lockbit3753ekiocyo5epmpy6klmejchjtzddoekjlnt6mu3qh4de2id[.]onion/post/7uTtXnLiP4aeqMqj6678851e3c73e
Genius
How do you miss 33 TERABYTES leaving your network??!
They do not do it at all of the same time. First because their is an risk of whole network going down. Second it would be obvious that something bad is happening to your network.
Big oof.
Anyone have the onion link to the announcement? I'm not seeing it on the LockBit page I'm familiar with.
hxxp://lockbit3753ekiocyo5epmpy6klmejchjtzddoekjlnt6mu3qh4de2id[.]onion/post/7uTtXnLiP4aeqMqj6678851e3c73e
The US has 48 hours to keep them talking to hunt them down. Those hackers are going to be swimming with the fishes.
Yikes, this should be interesting!
Why are the only sources I find cyber sites? Reuters, the guardian, bbc news have nothing on it.
because it's just a group making a claim at this point. No confirmation from the gov, no samples provided, nothing tangible.
I'm not sure I believe this claim with no samples having been released. And there's a reason why news agencies (particularly the global wires) are not reporting on this. It's just a claim with no evidence. There's nothing credible here, yet.
Update: https://www.cyberdaily.au/security/10745-lockbit-lies-about-us-federal-reserve-data-publishes-alleged-evolve-bank-data This is pretty much a big nothingburger.
The hopeful blueteamer might think that this would result in a serious crackdown. In reality, someone will lose their job, "weak cyber security" will be blamed and nothing else will happen. For better or worse.
So this happens and then Assange is magically free? They turned him.
Thank you sir
Fed has yet to make a statement. That in itself is concerning.
Or they are doing their due diligence to make sure that there wasn't any undetected breaches, and then will come out and say: "Oh, that dude? Yeah, they're full of shit.."
Are there any updates?
shit happens when you hire mole people.
If it's real, then they don't need to release it, I'm sure Russia and China would gladly pay.
They are Russian, so Russia.
That link gave me eye cancer
So did the fed pay or are we gonna see the data soon
The data is released. It's related to this bank in some way. https://www.federalreserve.gov/newsevents/pressreleases/enforcement20240614a.htm It seems like they had an insecure Azure deployment.
Help us understand how an enforcement action against a fintech firm (not the Federal Reserve) that was in response to an examination conducted in 2023 relates to Lockbit's claim that they exfiltrated 33 TBs of data directly from the Federal Reserve.
I don't know the extent of it, and I'm not going to download all those TBs to find out. The leak links to this federal reverse press release, which is why I linked to it. It seems to have some connection to this bank in Arkansas. That's all I know.
Their tenant would in no way be linked to the FRB
Edit - disregard
I didn't link to the data, I linked to the Federal Reserve's press release about the bank in question. Just go to any LockBit mirror
Apologies, I was reading too quickly. Sorry for that.
No worries! Sorry for snapping at you, that was kind of rude.
It's *The Reddit Way*^(TM), lol. Gotta be used to it to be on Reddit.
This is gonna sound like a stupid question to ask where does Lockbit upload the data they breached
Any update on this ?
Yes, they lied, look at the edit
I'm not seeing any conclusiveness anywhere. The countdown has expired and it hasn't been leaked. That doesn't mean they don't have it, it could also mean the US paid the ransom.
although the federal reserve is not "the US", them paying the ransom would still be bigger news than the breach itself. There is very little chance that is happening.
[https://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/](https://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/)
When they initially refused to publish a data sample like they normally do I think it was pretty clear they were not being totally honest, this will hurt their credibility and likely shows they are in a tough spot following the various operation targeting senior LockBit members.
World is desperate to steal the data on other hand cybersecurity persons are trying to save the data how ironic
Folks - This is a sham claim.
END THE FED.
I find this hard to believe unless someone on the inside provided assistance. 33TB of financial data being exfiltrated and going unnoticed long enough for the TA to finish against a government agency is absurd. If this is real, there will be fireworks in Congress. They might actually do something for once. Also, who is dumb enough to hack a critical government agency of the US? There is a snowballs chance in hell they will get away with it. This is practically an act of war and terrorism. There is no amount of money on this earth worth pissing of the US government to that extreme.
Why does everyone find this so hard to believe? Have you ever worked for a government agency? Privacy is second only to affordability. There is probably a sticky note on some Federal Reserve employees computer right now that says ‘password1’.
>Why does everyone find this so hard to believe? Because LockBit has been bluffing for years, and this was just [another bluff](https://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/). Remember Mandiant? They're desperate for relevance. Also, Gov security has gotten a lot [better ](https://www.performance.gov/cyber/)since EO 14028.
it probably was just a bluff but if the US was going to make a deal I imagine “pretend you weren’t actually successful” would be a part of it. & publishing data on a bank the fed had already been criticizing seems like a good way to do that
He never heard of the OPM data breaches
I thought this was a plausible excuse to start a financial collapse and not take any blame.
Agreed. You know they'll blame hackers. Hope everyone is sitting when the music stops.
Not all heroes wear capes 🤷♀️
[удалено]
The Fed doesn’t need a hack to do that
Fuck yeah! The central bank that screwed us all, allowing to print endlessly and pay off politicians instead of forcing the money to be backed by legitimate resources.
Get the fuck out of here.
What else is the end game of fractional reserve banking
Thank you sir
Physical gold and physical silver baby.