This post is also available in:
עברית (Hebrew)
In a chilling message posted on February 25, 2025, the alleged leader of the notorious LockBit ransomware group, LockBitSupp, issued a disturbing “birthday gift” to Kash Patel, the newly appointed Director of the FBI. Patel, who assumed office just days earlier, was the target of a threatening diatribe from the Russian-linked cybercriminal, claiming to have stolen sensitive data that could “destroy” the FBI.
The message, posted on the dark web, and reported on by Cybernews, begins with a congratulatory note to Patel for his new position and a warning about the challenges ahead. According to LockBitSupp, the ransomware gang has obtained an “archive of classified information” that contains over 250 folders of materials, dated May 29, 2024. This stolen data, presented as a “guide, roadmap, and some friendly advice,” is described by the hackers as potentially devastating to the FBI’s reputation and structure.
The files, which are said to be password-protected and accessible only by Patel, come with an additional warning: releasing this information could severely damage the FBI, potentially unraveling the agency’s operations. The threat is accompanied by a TOX ID for direct contact, adding to the personal nature of the message.
According to Cybernews, LockBitSupp goes on to characterize FBI agents as “extortionists, liars, blackmailers, and professional manipulators,” while ironically positioning itself as a defender of American security. In the message, the hacker group hints at the involvement of a “pro-state” group—likely China-backed hackers—accusing them of attacking critical infrastructure for espionage purposes.
In a separate communication, dated February 24, 2024, LockBitSupp detailed an FBI operation that successfully seized some of the group’s servers. The post claims that due to “personal negligence” and failure to update critical vulnerabilities, the FBI was able to access a small fraction of LockBit’s decryptors. The message hints that the FBI’s actions were a response to LockBitSupp’s plan to leak stolen documents related to the contested 2020 U.S. presidential election, according to Cybernews.
As the situation develops, it remains to be seen how the FBI will respond to these threats and what impact, if any, the release of sensitive data might have. The ongoing confrontation between LockBit and the FBI highlights the growing dangers of ransomware attacks, especially when tied to geopolitical motivations. With both cybercriminals and law enforcement locked in a high-stakes digital chess match, the stakes for national security continue to rise. This incident underscores the vulnerabilities that even the most secure organizations face in the face of sophisticated cyber threats.
