Lockbit Announces Three New Victims
Lockbit announced recently that it’s breached three victims in Canada, Germany, and Switzerland. No information is available regarding the ransom demands or how successful Lockbit’s operation has been.
- The three victims mentioned in Lockbit’s original post are the Canadian Northern Casket 1976, Trans Maritime from Switzerland, and the German Institute fur Pathologie der Rurh-Universitat Bochum
- Lockbit is known for its aggressive negotiation tactics and highly tactical cybercriminal operations
- The organization has been the target of a recent FBI operation that aimed to dismantle the hacker group
- Lockbit bounced back several days later and attacked FBI’s website in response
Lockbit has been as active as ever following FBI’s Cronos operation which took place in February. This made some people wonder whether the entire FBI operation was simply a scam orchestrated by the Lockbit hackers themselves.
This isn’t unheard of, as several cybercriminal organizations have done that before. Their websites were displaying the message “This Website Has Been Seized by FBI” for several days before the group was back in business as if nothing happened.
The hackers would then release a statement that they’ve managed to beat the FBI and resume their normal activity. Obviously, this was done with the intent of painting themselves as untouchable.
However, this isn’t the case with Lockbit, as the FBI itself has published a detailed summary of the Cronos operation. According to the report, the FBI did seize Lockbit’s assets for a while, managing to uncover hundreds of decryption keys in the process.
They also uncovered Lockbit’s plans for a 4.0 version, which the specialists stated that it was in late-stage development. However, Lockbit regained control of their systems shortly and fired back by hitting the FBI itself with a ransomware lock.
Our Mission
We believe security online security matters and its our mission to make it a safer place.
Where Is Lockbit Headed Now?
Lockbit is currently the largest, most dangerous, and most versatile ransomware actor in the world with over 2,000 victims worldwide, over $121 million in ransom revenue, and a scary reputation. And it doesn’t appear to stop anytime soon.
Lockbit is notoriously aggressive and resourceful, carrying several attacks per day, every day. This is an impressive level of activity even by any standard. As anonymous sources have stated, Lockbit operators have the task of infiltrating between 5 and 15 targets daily.
The infamous ransomware ring uses the double-extortion method, both encrypting the victim’s files and exfiltrating important data to use as leverage during negotiations. If the victim refuses to pay, they will publish the stolen data on their public platform.
This can quickly lead to a slippery slope, with other cybercriminal rings using the now publicly available data to their advantage. Furthermore, cybersecurity experts claim that this happens anyway, whether the victim pays the ransom or not.
Which is why most professionals advise against paying the ransom. Instead, take the loss and improve your cybersecurity to make sure this doesn’t happen again. If you qualify as a potential victim for Lockbit, it’s time to invest in some cybersecurity defense.
The standard recommendation is to work with qualified experts when doing so. They can identify and fill up the holes in your system better than you ever could.