Security News > 2021 > August > LockBit ransomware recruiting insiders to breach corporate networks
The LockBit 2.0 ransomware gang is actively recruiting corporate insiders to help them breach and encrypt networks.
Many ransomware gangs operate as a Ransomware-as-a-Service, which consists of a core group of developers, who maintain the ransomware and payment sites, and recruited affiliates who breach victims' networks and encrypt devices.
With LockBit 2.0, the ransomware gang is trying to remove the middle-man and instead recruit insiders to provide them access to a corporate network.
With this relaunch, LockBit has also changed the Windows wallpaper placed on encrypted devices to offer "Millions of dollars" for corporate insiders who provide access to networks where they have an account.
The full text, with the contact information redacted, explains that LockBit is looking for RDP, VPN, corporate email credentials that they can then use to gain access to the network.
The ransomware gang also says they will send the insider a "Virus" that should be executed on a computer, likely to give the ransomware gang remote access to the network.
News URL
Related news
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Henry Schein discloses data breach a year after ransomware attack (source)
- Black Basta ransomware poses as IT support on Microsoft Teams to breach networks (source)
- Fog ransomware targets SonicWall VPNs to breach corporate networks (source)
- LA housing authority confirms breach claimed by Cactus ransomware (source)
- Helldown ransomware exploits Zyxel VPN flaw to breach networks (source)