Home Health Lockbit 3.0, cybercrime is evolving faster than our companies

Lockbit 3.0, cybercrime is evolving faster than our companies

by admin
Lockbit 3.0, cybercrime is evolving faster than our companies

It is well known that ransomware gangs are one of the main problems for organizations and institutions around the world, we are talking about structured organizations that operate on a global scale with revenues that are the envy of our companies.

What many ignore is the ability to innovate their campaigns by introducing software improvements to circumvent the main defense systems, but above all to prevent victims from recovering data without paying the ransom due to flaws that security experts could find in the code of the ransomware they use.

Today I would like to bring to your attention the case of the criminal gang Lockbit, active since 2019 and today one of the most active organizations in the world. According to many experts, the group has Russian origins, however with regard to the war in Ukraine it reiterated its neutrality to military operations and reiterated its focus on extortion and far from political disputes.

The Lockbit ransomware operation recently released a new version, LockBit 3.0, of its operation, which has important innovations such as a bug bounty program, the possibility for victims to pay using the Zcash cryptocurrency, and a new extortion method. If you have any doubts about the effectiveness of the new operation, just know that many organizations have already been added to the list of victims of LockBit 3.0, including the Italian Fabbrica Automatismi Apertura Cancelli (FAAC).

Figura 1 – Tor Leak site di BitLocker 3.0

Probably the main novelty of the new operation is the introduction of a bug bounty program to reward those who privately report flaws in their ransomware software or in the infrastructure they use to the criminal gang. This is a unique initiative in the criminal ecosystem that specializes in delivering Ransomware-as-a-Service.

Bug bounty programs are extremely useful for companies that want to find flaws in their products before attackers of various types do. The researchers who participate in these programs are rewarded by the companies in cash, the value of the reward is proportional to the complexity of the flaws they detect and their impact.

The Lockbit gang has announced rewards of between $ 1,000 and $ 1 million for those who report flaws in their malware.

“We invite all security researchers, ethical and unethical hackers on the planet to participate in our bug rewards program. The amount of remuneration ranges from $ 1000 to $ 1 million, “reads the bug rewards program announcement posted by the ransomware group.

Lockbit also intends to reward those who provide “brilliant ideas” to improve their operations.

Another novelty is represented by the fact that the gang now accepts payments in Zcash, as well as in Monero and Bitcoin, this is because the cryptocurrency is considered reliable for the protection of the anonymity of transactions.

Operation LockBit 3.0 also uses a new extortion model that allows threat actors to purchase data stolen from victims during attacks.

Experts have noticed a JavaScript file that allows users to purchase the leaked data on the site and also download it via a Torrent. It is therefore worth reflecting on how criminal groups work to improve their operations. The innovations introduced by Lockbit 3.0 confirm the innovative capacity of the criminal enterprise, also benefited by the enormous financial resources deriving from the proceeds of illicit activities.

Our companies will necessarily have to innovate their defense models in the face of a threat that changes and improves over time, otherwise we will face catastrophic attacks that will have important repercussions on the companies affected and on the value chains to which they belong.

See also  How much did ransomware attacks cost companies around the world in 2021?

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy