LockBit Responsible for Another Attack
The notorious LockBit ransomware gang announced another US-based company named Ottlite. Few details are known about the operation, aside from the fact that Ottlite has 25 years of experience in daylight indoor systems.
- LockBit posted the news about the attack on their leak website
- The original post also displayed a timer set at a little under 2 days, which represents the time window during which the victim is supposed to contact the hackers
- LockBit operators are known to be extremely fierce negotiators, rarely making compromises
- Ottlite didn’t comment on the incident, so it’s unclear whether they’ve decided to pay the ransom or move on
LockBit is currently the largest and most intimidating ransomware gang in the world, with thousands of confirmed victims worldwide. According to the FBI’s report following Operation Cronos, LockBit managed to secure little over $112 million in ransom payments.
Operation Cronos took place at the end of February 2024, during which the FBI, along with its European counterparts, tried to bring LockBit down. FBI’s endeavors had limited success. While the feds managed to infiltrate LockBit and seize their website, the gains were short-lived.
LockBit managed to recover access thanks to their backup servers. The gang then mocked the law enforcement agencies that partook in the operation. And hit the FBI itself with a ransom note.
This recent attack is part of LockBit’s increasing activity, as the gang has ramped up its operations. According to the latest data, ransomware attacks have experienced a 55% increase during Q3-Q4 of 2023 and Q1 of 2024, compared to 2022.
The number of victims willing to pay the ransom also increased visibly. More importantly, many of the victims refuse to report the breach, making it difficult to assess the situation to its full extent.
How Dangerous is LockBit?
LockBit is currently considered the most dangerous and advanced ransomware actor in the world. Operation Cronos revealed a total of more than 2,000 confirmed victims worldwide and hundreds of decryption keys.
The FBI made them public so that LockBit’s active victims at the time could use them. More importantly, it was revealed that LockBit’s 4.0 version was already in the making in “advanced developmental stages.” This is worrying, to say the least.
Currently, LockBit 3.0 is in use and it’s effective enough to breach high-value targets regularly. From an MO standpoint, LockBit relies on the tried-and-tested double-extortion practice, encrypting the victim’s system and stealing valuable data.
The hackers always leave a ransom note behind, urging the victim to contact them for negotiations. If their demands aren’t met, the operators will leak the stolen data publicly. Experts warn that, in most cases, they will do the same even if the ransom is paid.
The reason being that the victim cannot verify whether the hackers have kept their word to delete the data. So, the hackers will most likely keep it to themselves or sell it for profit. Which is why the general recommendation is to ignore any demand.
Don’t contact the hackers, don’t acknowledge their demands, and don’t pay the ransom.
Our Mission
We believe security online security matters and its our mission to make it a safer place.
