On 8th of September, the LockBit ransomware group announced on Dark Web that they’ve added the Hanwha Group to their victim list. They also stole 800GB worth of data from the organization.
Being a Fortune 500 company and the 7th largest business enterprise in South Korea, the Hanwha Group made an attractive target for the hacking group.
Since the Hanwha Group hasn’t responded publicly yet, we don’t know if the details about the attack are real or not. For now, they remain allegations made by LockBit.
We believe security online security matters and its our mission to make it a safer place.
LockBit was the most notorious and “popular” ransomware in the world back in 2022. It still remains a top-threat in 2023.
According to America’s Cyber Defense Agency:
The LockBit Ransomware group (RaaS) has been very prolific throughout the years, attracting many affiliates (individuals with access to the LockBit program).
They generally promise ransom payments to the affiliates first, disparage other ransomware groups online, and engage in publicity stunts.
The LockBit ransomware program is also one of the simpler ones available on the black market, from an accessibility standpoint. This way, even those with a low technical level can use it effectively.
In short, the LockBit Ransomware group is one of the best-organized hacker groups in the world. They’re hiding their identities well, attract a lot of affiliates, and they’re very skillful.
We should expect the Hanwha Group attack to become a precursor for other high-stake attacks in the near future.