BTC $58270.6324
ETH $3301.4664
BNB $400.6794
SOL $110.0515
XRP $0.5824
ADA $0.6271
AVAX $39.6830
DOGE $0.0970
TRX $0.1429
wstETH $3808.1443
DOT $8.3586
LINK $19.1334
WETH $3305.4834
MATIC $1.0428
UNI $11.0186
WBTC $57881.0446
IMX $3.3465
ICP $13.0316
BCH $301.2119
LTC $74.8427
CAKE $3.2026
ETC $28.3635
FIL $7.9610
LEO $4.4139
RNDR $7.4060
KAS $0.1700
HBAR $0.1136
DAI $1.0002
ATOM $11.3163
INJ $41.0291
VET $0.0502
TON $2.1419
OKB $51.8401
STX $3.2222
LDO $3.5190
FDUSD $0.9951
XMR $138.3902
XLM $0.1221
ARB $1.8935
NEAR $3.9358
TIA $16.9317
GRT $0.2829
WEMIX $2.2582
ENS $22.5313
MKR $2167.8555
APEX $2.4646
THETA $1.9298
BTC $58270.6324
ETH $3301.4664
BNB $400.6794
SOL $110.0515
XRP $0.5824
ADA $0.6271
AVAX $39.6830
DOGE $0.0970
TRX $0.1429
wstETH $3808.1443
DOT $8.3586
LINK $19.1334
WETH $3305.4834
MATIC $1.0428
UNI $11.0186
WBTC $57881.0446
IMX $3.3465
ICP $13.0316
BCH $301.2119
LTC $74.8427
CAKE $3.2026
ETC $28.3635
FIL $7.9610
LEO $4.4139
RNDR $7.4060
KAS $0.1700
HBAR $0.1136
DAI $1.0002
ATOM $11.3163
INJ $41.0291
VET $0.0502
TON $2.1419
OKB $51.8401
STX $3.2222
LDO $3.5190
FDUSD $0.9951
XMR $138.3902
XLM $0.1221
ARB $1.8935
NEAR $3.9358
TIA $16.9317
GRT $0.2829
WEMIX $2.2582
ENS $22.5313
MKR $2167.8555
APEX $2.4646
THETA $1.9298
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • CISA describes how LockBit ransomware works

    U.S. government agencies have released a joint cybersecurity bulletin that details indicators of compromise (IoC) and tactics, techniques, and procedures (TTPs) of the LockBit 3.0 ransomware.

    The alert came from the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Information Sharing and Analysis Center (MS-ISAC).

    Since its inception in late 2019, LockBit hackers have released two versions of their ransomware, LockBit 2.0 (LockBit Red) (2021) and LockBit 3.0 (LockBit Black) (2022). The ransomware is configured in such a way that it does not infect computers with the following language settings: Romanian (Moldova), Arabic (Syria), and Tatar (Russia).

    Initial access to victim networks is achieved through RDP protocol, compromise, phishing campaigns, abuse of valid accounts, and use of public applications as a hacking tool.

    Once in the system, the malware takes steps to establish persistence, elevate privileges, perform lateral movement, and clean up log files, recycle bin, and shadow copies before starting the encryption routine.

    In addition, various free and open source programs and tools have been used by LockBit affiliates. These tools are used for a variety of activities - network reconnaissance, remote access and tunneling, credential reset, and file exfiltration.

    One of the defining characteristics of the attacks is the use of a special exfiltration tool called StealBit, which the LockBit group makes available to affiliates for dual extortion purposes.

    It is worth noting that according to the US Department of Justice as of November 2022, the LockBit ransomware infected at least 1,000 victims worldwide, which brought in more than $100 million in profits.

    Also, security company Dragos previously reported that LockBit 3.0 is behind 21% of ransomware attacks on critical infrastructure in the fourth quarter of 2022 (40 out of 189). Most of these attacks have affected the food, beverage and industrial sectors.

    Despite numerous LockBit attacks, the ransomware gang was dealt a huge blow in late September 2022 when a disgruntled LockBit developer released the build code for LockBit 3.0. This raised concerns that other cybercriminals could take advantage of the code and create their own variants of the malware.

    Author DeepWeb
    Most of the zero day vulnerabilities last year were used by Chinese hackers
    Winter Vivern steals government letters through Zimbra vulnerability

    Comments 0

    Add comment