• Home
  • News
  • Infamous Lockbit Infects 2 More

Infamous Lockbit Infects 2 More

Miklos Zoltan

By Miklos Zoltan . 31 January 2024

Founder - Privacy Affairs

Alex Popa

Fact-Checked this

Lockbit is responsible for 2 more attacks in Mexico and USA. The victims are Moto Repuestos Monterrey and Saint Anthony Hospital.

  • According to Lockbit’s leak post, the victims have until February 2nd and 12 to reach an agreement regarding the ransom payment
  • In case no agreement is reached, Lockbit will publish the stolen data on their TOR platform
  • It also seems that Saint Anthony Hospital refused to negotiate, as Lockbit announced that they will publish the stolen data soon
  • There is no word on how negotiations go with Moto Repuestos

Lockbit is currently the most feared ransomware actor for a number of reasons. The main one is the actor’s veteran status and level of sophistication. Lockbit has been active for nearly 5 years, during which it has suffered numerous upgrades.

The ransomware actor is known to have improved its code considerably and adjust its MOs along the way. They even created a trademark malware called Stealbit, which they use to automate the data stealing process.

X showing the LockBit attack on the 2 new victims
https://twitter.com/FalconFeedsio/status/1752625267271667968

Lockbit is known to have rough negotiation tactics with a pretty unbending attitude. This explains why so many victims refuse to pay the ransom. This doesn’t mean much for Lockbit, though, because the organization is so active and powerful.

Unlike small and medium-sized ransomware actors, Lockbit prefers to go for quantity over quality. The organization is always active, always on the lookout for potential victims and relies on brute force rather than subtlety.

Lockbit’s Unique Profile and MO

Lockbit’s preferred form of activity is the spray-and-pray tactic, although not much praying is involved, because the actor’s effectiveness leaves no room for uncertainty. Lockbit targets multiple victims within short periods of time.

This increases the chance of breakthrough, which often leads to multiple confirmed casualties. It’s not uncommon for Lockbit to infect 2 to 5-6 victims at once and negotiate with all of them at the same time. This type of MO is very good for business.

It has been reported that Lockbit has over 1,700 casualties on record and the numbers keep growing. This shows that Lockbit is powerful, resourceful, well financed, and fearless, which suggests potent connections in the ransomware world.

The organization also works with other cybercriminal groups to break harder-to-crack targets. This MO allowed Lockbit to collect close to $100 million in paid ransoms over the course of 3 years.

And only time can tell what the future holds.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment