BTC $63442.8276
ETH $3469.7477
BNB $414.4838
SOL $128.8578
XRP $0.6333
ADA $0.7553
DOGE $0.1556
AVAX $42.2817
DOT $9.6926
wstETH $4022.3454
TRX $0.1396
LINK $20.2249
WETH $3455.5461
MATIC $1.0912
UNI $12.3248
WBTC $63402.0644
BCH $454.1971
LTC $89.7149
IMX $3.2697
ICP $13.1197
FIL $10.0810
CAKE $3.2889
ETC $33.3804
LEO $4.7626
ATOM $12.4298
RNDR $7.5236
TON $2.6714
KAS $0.1683
HBAR $0.1120
INJ $39.9268
DAI $0.9998
OKB $57.5556
VET $0.0485
STX $3.0863
FDUSD $0.9998
WEMIX $2.8006
XLM $0.1364
NEAR $4.5218
PEPE $0.0000
XMR $146.1340
LDO $3.3155
GRT $0.3143
ARB $1.9894
THETA $2.3291
TIA $15.9776
ENS $21.4774
CRO $0.1387
BTC $63442.8276
ETH $3469.7477
BNB $414.4838
SOL $128.8578
XRP $0.6333
ADA $0.7553
DOGE $0.1556
AVAX $42.2817
DOT $9.6926
wstETH $4022.3454
TRX $0.1396
LINK $20.2249
WETH $3455.5461
MATIC $1.0912
UNI $12.3248
WBTC $63402.0644
BCH $454.1971
LTC $89.7149
IMX $3.2697
ICP $13.1197
FIL $10.0810
CAKE $3.2889
ETC $33.3804
LEO $4.7626
ATOM $12.4298
RNDR $7.5236
TON $2.6714
KAS $0.1683
HBAR $0.1120
INJ $39.9268
DAI $0.9998
OKB $57.5556
VET $0.0485
STX $3.0863
FDUSD $0.9998
WEMIX $2.8006
XLM $0.1364
NEAR $4.5218
PEPE $0.0000
XMR $146.1340
LDO $3.3155
GRT $0.3143
ARB $1.9894
THETA $2.3291
TIA $15.9776
ENS $21.4774
CRO $0.1387
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • CISA describes how LockBit ransomware works

    U.S. government agencies have released a joint cybersecurity bulletin that details indicators of compromise (IoC) and tactics, techniques, and procedures (TTPs) of the LockBit 3.0 ransomware.

    The alert came from the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Information Sharing and Analysis Center (MS-ISAC).

    Since its inception in late 2019, LockBit hackers have released two versions of their ransomware, LockBit 2.0 (LockBit Red) (2021) and LockBit 3.0 (LockBit Black) (2022). The ransomware is configured in such a way that it does not infect computers with the following language settings: Romanian (Moldova), Arabic (Syria), and Tatar (Russia).

    Initial access to victim networks is achieved through RDP protocol, compromise, phishing campaigns, abuse of valid accounts, and use of public applications as a hacking tool.

    Once in the system, the malware takes steps to establish persistence, elevate privileges, perform lateral movement, and clean up log files, recycle bin, and shadow copies before starting the encryption routine.

    In addition, various free and open source programs and tools have been used by LockBit affiliates. These tools are used for a variety of activities - network reconnaissance, remote access and tunneling, credential reset, and file exfiltration.

    One of the defining characteristics of the attacks is the use of a special exfiltration tool called StealBit, which the LockBit group makes available to affiliates for dual extortion purposes.

    It is worth noting that according to the US Department of Justice as of November 2022, the LockBit ransomware infected at least 1,000 victims worldwide, which brought in more than $100 million in profits.

    Also, security company Dragos previously reported that LockBit 3.0 is behind 21% of ransomware attacks on critical infrastructure in the fourth quarter of 2022 (40 out of 189). Most of these attacks have affected the food, beverage and industrial sectors.

    Despite numerous LockBit attacks, the ransomware gang was dealt a huge blow in late September 2022 when a disgruntled LockBit developer released the build code for LockBit 3.0. This raised concerns that other cybercriminals could take advantage of the code and create their own variants of the malware.

    Author DeepWeb
    Most of the zero day vulnerabilities last year were used by Chinese hackers
    Winter Vivern steals government letters through Zimbra vulnerability

    Comments 0

    Add comment