Accounts with third-party service providers were used “for exfiltration or infrastructure,” according to a post by law enforcement on LockBit’s seized darkweb domain.
Interesting piece. It's a bit weirdly worded in that it suggests that the police shut the accounts when really it's Mega, Proton, Tuta who are closing the accounts. Presumably the police tell those companies which accounts are being used for illegal purposes and then those companies then close the accounts. I was a bit alarmed at first because it sounded like the authorities were closing the accounts when that's not really the case.