February 23, 2024 at 01:16PM The LockBit ransomware gang collected over $125 million in ransom payments through more than 500 active cryptocurrency addresses between July 2022 and February 2024. Approximately 2,200 Bitcoin remain unspent, equating to more than $110 million. The group’s impact is estimated to be in the multi-billions, prompting global law enforcement efforts. … Read more
February 23, 2024 at 07:15AM Sophos reported that recent ransomware attacks used the leaked LockBit ransomware builder, dropped on 30 customer networks and created by a different threat actor. The attacks exploit an authentication bypass vulnerability in unpatched ScreenConnect servers, prompting CISA to issue a security directive. Despite a law enforcement operation, LockBit attacks continue … Read more
February 22, 2024 at 06:47PM The LockBit ransomware group faced issues and was shut down by an international law enforcement effort led by the UK’s National Crime Agency due to dissent among members and affiliates. The takedown disrupted its infrastructure and led to several arrests. The group’s viability and reputation have been severely affected, and … Read more
February 22, 2024 at 02:56PM Law enforcement’s disruption of the LockBit ransomware crew revealed they were developing a new variant. Unlike competitors, LockBit chose .NET and CoreRT instead of Rust for its latest locker. The in-development variant aimed to counter code leaks with a new expiry date but lacked some capabilities of previous versions. The … Read more
February 22, 2024 at 01:35PM Attackers exploit a severe authentication bypass vulnerability to breach unpatched ScreenConnect servers, deploying LockBit ransomware. ConnectWise released security updates, including a patch for a high-severity path traversal flaw. Both bugs impact all ScreenConnect versions. CISA ordered U.S. federal agencies to secure servers within a week. Threat actors have deployed LockBit … Read more
February 22, 2024 at 08:52AM LockBit ransomware developers were working on a new version, LockBit-NG-Dev, likely to become LockBit 4.0, before law enforcement dismantled their infrastructure. Trend Micro’s analysis revealed this new version’s capabilities, including support for multiple operating systems and encryption modes, though lacking some features from previous iterations. The discovery poses a challenge … Read more
February 22, 2024 at 07:51AM The United States is offering significant rewards for information about cybercriminals involved in the disrupted LockBit ransomware operation. Law enforcement agencies have made seizures and implemented disruptions to the cybercrime operation, even mocking cybercriminals and taking down associated servers. Rewards, charges, sanctions, and crackdowns on individuals continue amidst skepticism about … Read more
February 22, 2024 at 03:04AM Summary: LockBit, a Ransomware-as-a-Service, faced internal and external challenges resulting in a decline. The leaked LockBit builder led to confusion and loss of confidence. Technical issues and dissatisfaction among affiliates further aggravated the situation. The recent development of LockBit-NG-Dev suggests an upcoming version, indicating efforts to revive the group’s deteriorating … Read more
February 21, 2024 at 11:29AM The U.S. State Department is offering up to $15 million in rewards for information about the LockBit ransomware gang. The gang has been linked to over 2,000 victims and received over $120 million from ransom demands. Operation Cronos led to the seizure of LockBit’s infrastructure and arrests of affiliates in … Read more
February 20, 2024 at 03:17PM Ransomware attacks in 2023 saw a 20% increase in median initial ransom demands, reaching $600,000. Sectors such as legal, government, retail, and energy are seeing median demands of $1 million or more. LockBit, BlackCat/ALPHV, and Cl0p were the primary groups carrying out attacks, with LockBit dominating the market. Key takeaways … Read more