February 22, 2024 at 02:56PM Law enforcement’s disruption of the LockBit ransomware crew revealed they were developing a new variant. Unlike competitors, LockBit chose .NET and CoreRT instead of Rust for its latest locker. The in-development variant aimed to counter code leaks with a new expiry date but lacked some capabilities of previous versions. The … Read more
February 22, 2024 at 01:35PM Attackers exploit a severe authentication bypass vulnerability to breach unpatched ScreenConnect servers, deploying LockBit ransomware. ConnectWise released security updates, including a patch for a high-severity path traversal flaw. Both bugs impact all ScreenConnect versions. CISA ordered U.S. federal agencies to secure servers within a week. Threat actors have deployed LockBit … Read more
February 22, 2024 at 08:52AM LockBit ransomware developers were working on a new version, LockBit-NG-Dev, likely to become LockBit 4.0, before law enforcement dismantled their infrastructure. Trend Micro’s analysis revealed this new version’s capabilities, including support for multiple operating systems and encryption modes, though lacking some features from previous iterations. The discovery poses a challenge … Read more
February 22, 2024 at 07:51AM The United States is offering significant rewards for information about cybercriminals involved in the disrupted LockBit ransomware operation. Law enforcement agencies have made seizures and implemented disruptions to the cybercrime operation, even mocking cybercriminals and taking down associated servers. Rewards, charges, sanctions, and crackdowns on individuals continue amidst skepticism about … Read more
February 22, 2024 at 03:04AM Summary: LockBit, a Ransomware-as-a-Service, faced internal and external challenges resulting in a decline. The leaked LockBit builder led to confusion and loss of confidence. Technical issues and dissatisfaction among affiliates further aggravated the situation. The recent development of LockBit-NG-Dev suggests an upcoming version, indicating efforts to revive the group’s deteriorating … Read more
February 21, 2024 at 11:29AM The U.S. State Department is offering up to $15 million in rewards for information about the LockBit ransomware gang. The gang has been linked to over 2,000 victims and received over $120 million from ransom demands. Operation Cronos led to the seizure of LockBit’s infrastructure and arrests of affiliates in … Read more
February 20, 2024 at 03:17PM Ransomware attacks in 2023 saw a 20% increase in median initial ransom demands, reaching $600,000. Sectors such as legal, government, retail, and energy are seeing median demands of $1 million or more. LockBit, BlackCat/ALPHV, and Cl0p were the primary groups carrying out attacks, with LockBit dominating the market. Key takeaways … Read more
February 20, 2024 at 11:07AM LockBit’s infrastructure has been dismantled by Western authorities in “Operation Cronos.” The UK’s National Crime Agency seized control of LockBit’s site, promising a slow release of revelations. Two affiliates have been arrested, adding to previous arrests. DoJ indicted two Russian nationals. Despite challenges, the takedown is a significant win, with … Read more
February 20, 2024 at 10:58AM Global law-enforcement agencies, including the FBI, disrupted the LockBit ransomware gang’s activities through Operation Cronos. The seizure encompassed source code, victim details, decryption keys, and intelligence on the group’s operations. The NCA confirmed control over LockBit’s administration environment and announced a series of daily disclosures about the group’s operations. Additionally, … Read more
February 20, 2024 at 08:51AM The UK’s National Crime Agency seized LockBit’s source code and intelligence in Operation Cronos, arresting two actors and freezing 200 cryptocurrency accounts. The agency dismantled servers, retrieved decryption keys, and took control of LockBit’s services to disrupt its criminal enterprise. LockBit, known for its ransomware attacks, made over $120 million … Read more