Security News > 2020 > October > LockBit ransomware moves quietly on the network, strikes fast
LockBit ransomware takes as little as five minutes to deploy the encryption routine on target systems once it lands on the victim network.
LockBit attacks leave few traces for forensic analysis as the malware loads into the system memory, with logs and supporting files removed upon execution.
The malicious code would deploy LockBit ransomware only if the targets matched a fingerprint indicating an attractive target, the researcher notes in a report today.
After picking the valuable targets, LockBit ransomware would execute in memory within five minutes using a Windows Management Instrumentation command.
In a report from May, McAfee Labs and cybersecurity firm Northwave detail how LockBit ransomware gained access to the victim network by brute-forcing an admin's logins for an outdated VPN service.