Security News > 2022 > August > LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data
The LockBit ransomware group last week claimed responsibility for an attack on cybersecurity vendor in June.
LockBitSupp, the public face of LockBit that interacts with companies and cybersecurity researchers, told Shukuhi that the group's data leak site was getting 400 requests a second from more than 1,000 servers and that the group promised to add more resources to the site and to "Drain the ddosers money," he wrote.
Vx-underground, which collects malware source code and samples, wrote in a tweet that LockBit told them they were under a DDoS attack because of the Entrust hit.
When Vx-underground asked how the ransomware gang knew it was because of the Entrust attack, LockBit sent a screenshot of the messages coming in, all of which referenced enstrust.com.
The DDoS attack came within a day after LockBit, which uses a ransomware-as-a-service operating model, took responsibility for the Entrust attack, creating a leak page for the vendor and threatening to release all the data it had stolen if the company did not pay the demanded ransom.
The creation of the page indicates that Entrust - if Lockbit was indeed the bad actor as claimed - had yet to bend to LockBit's demands.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/08/22/entrust_lockbit_ddos_ransomware/
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)