Security News > 2022 > February > FBI shares Lockbit ransomware technical details, defense tips
The Federal Bureau of Investigation has released technical details and indicators of compromise associated with LockBit ransomware attacks in a new flash alert published this Friday.
Two years later, in June 2021, LockBit announced the LockBit 2.0 RaaS on their data leak site after ransomware actors were banned from posting on cybercrime forums [1, 2]. With the relaunch, the ransomware gang redesigned Tor sites and overhauled the malware, adding more advanced features, including the automatic encryption of devices across Windows domains via Active Directory group policies.
Among the technical details on how LockBit ransomware works, the FBI also revealed that the malware comes with a hidden debug window that can be activated during the infection process using the SHIFT + F1 keyboard shortcut.
Companies asked to report LockBit ransomware attacks.
"The FBI encourages recipients of this document to report information concerning suspicious or criminal activity to their local FBI field office."
Even after paying a ransom, the FBI still urges to promptly report ransomware incidents as it will provide critical info that would allow law enforcement to prevent future attacks by tracking ransomware attackers and holding them accountable for their actions.
News URL
Related news
- Police arrest four suspects linked to LockBit ransomware gang (source)
- LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks (source)