LockBit Produces Mass Casualties

By Miklos Zoltan . 10 May 2024

Founder - Privacy Affairs

Fact-Checked this

LockBit announced a massive ransomware operation that targeted 23 victims recently. This hit comes days after an even larger one on the 7^th, during which the hackers infiltrated 42 targets. The victims are spread out across multiple countries.

Some of the countries targeted by LockBit include Argentina, the US, the UK, Peru, Spain, Chile, France, and Italy
The victims are all medium and high-value targets with considerable revenue values
The most prominent victims include the UK’s Kings Academy and Brockington College, the Sripatum University from Thailand, and the Italian Randi Group
LockBit operators haven’t published any other details about the operation aside from brief summaries of each victim

This is one of the largest ransomware operations to date, following the one several days ago when the hackers targeted 42 institutions. The scale of the attacks is unusual even for LockBit, despite its reputation as the fiercest ransomware actor in the world.

Some suggest that these recent operations are proof of LockBit upgrading its systems and tactics. This allows the organization to operate at a higher magnitude, targeting multiple businesses over shorter periods of time.

It’s also impressive that the hackers have managed to identify and breach so many vulnerable victims. Especially given that most ransomware attacks fail to achieve their goal.

X showing the LOCKBIT 3.0 attack on the 23 victims — https://twitter.com/FalconFeedsio/status/1788542513344565574

It’s unclear at this point whether the victims have decided to negotiate with the LockBit operators. The hackers also haven’t posted any information regarding the value of the ransoms or how much data they’ve managed to steal.

X showing the Lockbit attack on the 42 victims — https://twitter.com/FalconFeedsio/status/1787833412130402661

LockBit is the largest and most advanced ransomware organization in the world. According to the FBI, the organization is not only the most successful in terms of results, but the most well-funded as well.

Operation Cronos, which aimed to destroy LockBit back in February of the current year, revealed that the group had over $112 million in ransom gains up to that point. It is presumed that these numbers have gone up since then.

How to Prevent LockBit Attacks?

This is undoubtedly a burning question, given LockBit’s latest rampage. The answer is fairly simple, but complex too at the same time. LockBit generally resorts to typical MOs like spear-phishing to gain access to the victim’s system.

In some cases, they may use stolen credentials acquired from third-parties or even infect legitimate software. Some of these methods can be prevented, while others not so much.

There’s nothing you can do if the hackers steal your credentials from a legitimate platform as a result of an internal data leak. Prevention can do a lot to mitigate some of the risks associated with ransomware breaches, but not all.

This means that you need to have a plan B in place for when you actually get breached. Which, if you’re a medium-to-high-value business, will happen at some point. In that case, experts recommend a no-negotiation approach.

Create backups for the data and avoid contacting or negotiating with the hackers. Or, worse, pay the ransom. All that does is to mark you for future breaches because the hackers always return to those who pay.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Founder & CEO Privacy Affairs

Miklos Zoltan is the founder and CEO of Privacy Affairs. Miklos has long-time experience in cybersecurity and data privacy having worked with international teams for more than 10 years in projects involving penetration testing, network security and cryptography.

Miklos founded Privacy Affairs in 2018 to provide cybersecurity and data privacy education to regular audiences by translating tech-heavy and "geeky" topics into easy-to-understand guides and tutorials.

Cookie	Duration	Description
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	1 year	The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data.
wpEmojiSettingsSupports	session	WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user's browser can display emojis properly.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
_omappvp	1 year 1 month 4 days	The _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
_omappvs	20 minutes	The _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.

LockBit Produces Mass Casualties

How to Prevent LockBit Attacks?

Our Mission

Miklos Zoltan

Leave a Comment Cancel