Lockbit ransomware infects over 12K companies

May 9, 2022
4:53 pm

share on :

Imagine getting the below message alert in your office laptop screen.

‘Oops your files have been encrypted‘ or ‘Ransomware Alert‘ message flashes on the screen.

The moment you get this message, one starts thinking of “backup” or Do I need to pay ransom to get my file back and other thoughts.

LockBit is a ransomware which is formerly known as “ABCD” ransomware. since then it has grown into a unique threat within the scope of these extortion tools. LockBit is a subclass of ransomware known as a ‘crypto virus’ due to forming its ransom requests around financial payment in exchange for decrypting the data. It focuses mostly on corporate and government organizations rather than individuals.

LockBit uses a ransomware-as-a-service (RaaS) model and consistently conceived new ways to stay ahead of its competitors.

It is believed that Lockbit ransomware has infected more than 12000 companies including Accenture and Merseyrail and collected ransom in billions from these companies.

LockBit ransomware is considered to be part of the “LockerGoga & MegaCortex” malware family which means it shares behavior with these established forms of targeted ransomware. It is also understood that these spread as in the following ways:

Self-spreading within an organization rather than requiring manual direction.
Targeted rather than spread in a scattershot fashion like spam malware.
Using similar tools to spread, like Windows Powershell and Server Message Block (SMB).