Lockbit ransomware has claimed 2 more victims since its recent resurrection in an attempt to make a clear statement. Lockbit has been at the forefront of the news recently after being targeted by the Cronos operation.
Not only that Lockbit recover in record time from the FBI operation, but it also targeted the FBI immediately after. The law enforcement agency didn’t comment on the attack, but the investigation is underway, trying to determine how that was possible.
Lockbit also released its 3.0 version soon after the event, showing that the group is fine and thriving and that they’re planning to expand. As of recently, the group’s website went back online, which is rather atypical.
Most ransomware organizations that have been hit by the FBI seek to rebrand themselves and change their tactics. Not Lockbit.
These recent attacks bear the mark of Lockbit’s usual tactics. The group breached the 2 victims on the 26th and gave them 3 days to contact Lockbit operators and begin negotiations. If not, the stolen data will be published publicly.
The 2 involved in the attack are Ernest Health and Silgan Holdings, both from the US.
A similar case happened with other ransomware organizations like Hive and RansomHouse, which disappeared from the public eye in their old form. But their new forms live on.
Currently, there are numerous organizations that share code and tactics similarities with Hive and RansomHouse. Many of the people working for these 2 extortion rings jumped boats and joined other, more modern groups.
This explains why extortion rings never truly go away. They simply change names, reorganize their tools, and spread out their workforce to avoid detection. Arrests are often conducted, but the overall group stands its ground.
The same applies to Lockbit. The problem, though, isn’t only that Lockbit returned, but that, with 3.0, it returned stronger than ever. But what makes Lockbit such a threat in the ransomware sphere? Several things:
These critical points turn Lockbit into one of the most prolific ransomware actors in the world. And it doesn’t appear as if the situation will change anytime soon.
We believe security online security matters and its our mission to make it a safer place.