Security news aggregator

Latest coverage for LockBit

LockBit is a ransomware operation covered through reported incidents, technical analysis, disruption efforts, and guidance to defend systems and data.

41 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

LockBit is a ransomware family and associated cybercrime operation—not an unrelated product or project—that has been reported in attacks where malware encrypts files on compromised systems and disrupts access. Coverage under this tag includes technical analysis of LockBit variants, reported incidents, infrastructure or law-enforcement disruption, and claims about stolen data or extortion; individual reports may differ in what is verified.

For defenders, the material risks are rapid encryption across reachable systems and possible exposure of data taken before encryption. Priorities include promptly addressing internet-facing vulnerabilities and exposed credentials, restricting lateral movement with segmentation and least privilege, and maintaining tested offline or otherwise isolated backups. Monitor for suspicious administrative activity and mass file changes, preserve logs and affected systems for investigation, and use threat intelligence on LockBit indicators to support containment. A suspected incident requires coordinated isolation, recovery, and assessment of privacy or regulatory obligations rather than assuming that paying restores systems or prevents disclosure.

Showing 20 most recent headlines of 41 Filtered view
Bank Info Security 2 years, 4 months ago

Binance Restricts 85 LockBit Crypto Wallets

Authorities Uncover 30,000 LockBit Bitcoin AddressesCryptocurrency trading platform Binance restricted access to 85 accounts as part of an action against the LockBit ransomware affiliates, and authorities estimated that members of the now-defunct ransomware-as-a-service operation had pocketed "hundreds of millions" in ransom.

Bank Info Security 2 years, 4 months ago

Attackers Rush to Exploit ScreenConnect Vulnerabilities

Ransomware, Info Stealers, Backdoors and CryptojackingHackers are on a tear to exploit unpatched ConnectWise ScreenConnect remote connection software to infect systems with ransomware, info stealers and persistent backdoors. The attacks observed by researchers include ransomware deployments tied to the now-defunct LockBit ransomware operation.

Bank Info Security 2 years, 4 months ago

Post-LockBit, How Will the Ransomware Ecosystem Evolve?

With Over $1 Billion in Annual Proceeds, Don't Expect Attackers to Give Up the LifeOnce the dust settles on the LockBit disruption, what will be the state of ransomware? Expect attackers to continue refining their tactics for maximizing profits via a grab bag of complementary strategies, including crypto-locking shakedowns and data-theft extortion.

Bank Info Security 2 years, 4 months ago

No Big Reveal: Cops Don't Unmask LockBit's LockBitSupp

After Teasing 'Who is LockBitSupp,' Cops Say He's 'Engaged With Law Enforcement'"Who is LockBitSupp?" Police teased they would reveal the answer to that question Friday, but when the big reveal came, they disclosed very little, except to cryptically say the apparent member of the LockBit ransomware group's leadership team "has engaged with law enforcement."

Bank Info Security 2 years, 4 months ago

Who is LockBitSupp? Police Delay Promise to Reveal Identity

Officials Reschedule Big Reveal of LockBit Ransomware Group Leadership's IdentityWho is LockBitSupp? On Friday morning, when law enforcement promised to reveal the identity of the public mouthpiece of the LockBit ransomware-as-a-service operation they infiltrated and disrupted earlier this week, authorities instead announced a delay.

Bank Info Security 2 years, 4 months ago

Breach Roundup: More Fallout From the LockBit Takedown

Also: Avast Agrees to $16.5 Million Civil Penalty to Settle Privacy InvestigationThis week: more fallout from LockBit, Avast to pay $16.5M, Russia-linked group targeted mail servers, no indication that AT&T was hacked, analysis of a patched Apple flaw, Microsoft enhanced logging, an Android banking Trojan, North Korean hackers and a baking giant fell to ransomware.

Bank Info Security 2 years, 4 months ago

LockBit Group Prepared New Crypto-Locker Before Takedown

Numerous Impediments Remain If Administrators Attempt to Reboot the OperationThe notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being shut down, security researchers reported. Even so, experts say it's unlikely the group would be able to successfully reboot.

Bank Info Security 2 years, 4 months ago

LockBit Group Prepped New Crypto-Locker Before Takedown

Numerous Impediments Remain, Should Administrators Attempt to Reboot OperationThe notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being disrupted, security researchers report. Even so, experts say it's unlikely the group would be able to successfully reboot.

Loading more headlines...