LockBit 3.0 ransomware customized version now used to attack Global Firms

By Naveen Goud

In recent times, the landscape of cybercrime has taken a more menacing turn with the proliferation of ransomware tools. Criminals, regardless of their targets’ size, industry, or financial resources, have long utilized these tools to wreak havoc on organizations. However, a concerning trend has emerged where cybercriminals are now leveraging customized versions of LockBit 3.0 to rapidly spread malware across networks.

A recent study conducted by Kaspersky sheds light on this alarming development. These threat actors are modifying the operations of LockBit 3.0 to disable onboard anti-malware solutions, enabling the malware to propagate swiftly through servers and PCs. Moreover, this variant of ransomware exhibits the capability to manipulate data stored on networks, particularly those associated with the transportation and financial sectors.

The modus operandi is deceptively straightforward: the attackers obtain administrator credentials in plain text and then use them to traverse the network. This evolution of cybercrime presents a daunting challenge, seemingly without an end in sight.

However, there are proactive measures that organizations can take to mitigate the risk of such attacks. Implementing multi-factor authentication, consistently applying software patches, and maintaining stringent credential hygiene are crucial steps in fortifying defenses against ransomware assaults.

Equally important is the stance organizations take in response to ransom demands. It is strongly advised not to succumb to extortion demands. Additionally, any ransom payments exceeding $100,000 should be conducted under the oversight of a district judge and law enforcement authorities. Failure to involve the appropriate authorities in the payment process may result in legal consequences, including criminal prosecution.

Engaging in such illicit activities not only poses a threat to the affected organization but also undermines the fabric of cybersecurity. It is imperative for all entities to refrain from participating in ransomware schemes and uphold the principles of ethical conduct in the digital realm.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security.
