Security News > 2022 > February > FBI shares Lockbit ransomware technical details, defense tips
The Federal Bureau of Investigation has released technical details and indicators of compromise associated with LockBit ransomware attacks in a new flash alert published this Friday.
Two years later, in June 2021, LockBit announced the LockBit 2.0 RaaS on their data leak site after ransomware actors were banned from posting on cybercrime forums [1, 2]. With the relaunch, the ransomware gang redesigned Tor sites and overhauled the malware, adding more advanced features, including the automatic encryption of devices across Windows domains via Active Directory group policies.
Among the technical details on how LockBit ransomware works, the FBI also revealed that the malware comes with a hidden debug window that can be activated during the infection process using the SHIFT + F1 keyboard shortcut.
Companies asked to report LockBit ransomware attacks.
"The FBI encourages recipients of this document to report information concerning suspicious or criminal activity to their local FBI field office."
Even after paying a ransom, the FBI still urges to promptly report ransomware incidents as it will provide critical info that would allow law enforcement to prevent future attacks by tracking ransomware attackers and holding them accountable for their actions.
News URL
Related news
- FBI v the bots: Feds urge denial-of-service defense after critical infrastructure alert (source)
- FBI: Akira ransomware raked in $42 million from 250+ victims (source)
- LockBit ransomware admin identified, sanctioned in US, UK, Australia (source)
- Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator (source)
- City of Wichita breach claimed by LockBit ransomware gang (source)
- The Week in Ransomware - May 10th 2024 - Chipping away at LockBit (source)