Security News > 2022 > August > LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data

The LockBit ransomware group last week claimed responsibility for an attack on cybersecurity vendor in June.

LockBitSupp, the public face of LockBit that interacts with companies and cybersecurity researchers, told Shukuhi that the group's data leak site was getting 400 requests a second from more than 1,000 servers and that the group promised to add more resources to the site and to "Drain the ddosers money," he wrote.

Vx-underground, which collects malware source code and samples, wrote in a tweet that LockBit told them they were under a DDoS attack because of the Entrust hit.

When Vx-underground asked how the ransomware gang knew it was because of the Entrust attack, LockBit sent a screenshot of the messages coming in, all of which referenced enstrust.com.

The DDoS attack came within a day after LockBit, which uses a ransomware-as-a-service operating model, took responsibility for the Entrust attack, creating a leak page for the vendor and threatening to release all the data it had stolen if the company did not pay the demanded ransom.

The creation of the page indicates that Entrust - if Lockbit was indeed the bad actor as claimed - had yet to bend to LockBit's demands.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/08/22/entrust_lockbit_ddos_ransomware/