• Home
  • News
  • Lockbit Hits Nicaragua and Canada

Lockbit Hits Nicaragua and Canada

Miklos Zoltan

By Miklos Zoltan . 6 December 2023

Founder - Privacy Affairs

Alex Popa

Fact-Checked this

Two commercial entities, La Prensa and ALDO Shoes, got hit with the LockBit ransomware. One of them in located in Nicaragua and one in Canada. The attacks appear to be financially motivated, which is common for LockBit attacks.

  • LockBit ranked as number one in the list of the Top 10 Ransomware groups in 2022, being the most active cyberthreat actor during that time
  • There have been over 1,000 LockBit attacks in 2022 alone
  • LockBit first became active in September of 2019 and has been upgraded several times since then
  • LockBit is among the most sophisticated and complex ransomware agent, forcing the victims to either pay up or lose their data entirely

LockBit first came to prominence in 2019 under the name of ABCD due to the file extension they were using (.abcd). The group’s most recent attack falls in line with the organization’s general MO.

LockBit prefers to avoid large enterprises, which is why under 20% of the attacks are aimed at major players. Most victims are relatively low-profile organizations, either small or medium-sized enterprises. The attacks are almost always financially motivated.

Tweet showing the LockBit cyberattack on Nicaragua and Canada
https://twitter.com/FalconFeedsio/status/1732287412888338573

The news about the latest attack was posted by LockBit itself on the organization’s official website on Exploit. This is where they announce upcoming attacks, post recent hits, and even publish the sensitive data of those who refuse to pay.

Who is LockBit?

LockBit only appears interested in immediate financial gains. The organization distances itself from any political affiliations or ideologies of any type. The group’s effectiveness and success rate quickly attracted the attention of other ransomware actors.

Evil Corp began using LockBit in 2022 thanks to its reliability and cost-effective profile. BlackMatter, another ransomware group, was dissolved in 2021 due to the law enforcement targeting it. The database of victims was transferred to LockBit which took over the task of extorting them.

Maze, another famous ransomware actor also started collaborating with LockBit in 2020 in a joint operation hoping to expand their influence and power. The move quickly drew in even more names along the way.

LockBit now ranks as one of the most effective ransomware groups with a low profile and a very complex approach. The victim has few tools at its disposal, as everything pretty much boils down to pay or lose everything.

Most importantly, LockBit appears to ride the wave and constantly improve its technical capabilities. This allows the actor to remain active and successful and carry out even more attacks, while remaining undetected and secure.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment