Security News > 2022 > August > LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data
The LockBit ransomware group last week claimed responsibility for an attack on cybersecurity vendor in June.
LockBitSupp, the public face of LockBit that interacts with companies and cybersecurity researchers, told Shukuhi that the group's data leak site was getting 400 requests a second from more than 1,000 servers and that the group promised to add more resources to the site and to "Drain the ddosers money," he wrote.
Vx-underground, which collects malware source code and samples, wrote in a tweet that LockBit told them they were under a DDoS attack because of the Entrust hit.
When Vx-underground asked how the ransomware gang knew it was because of the Entrust attack, LockBit sent a screenshot of the messages coming in, all of which referenced enstrust.com.
The DDoS attack came within a day after LockBit, which uses a ransomware-as-a-service operating model, took responsibility for the Entrust attack, creating a leak page for the vendor and threatening to release all the data it had stolen if the company did not pay the demanded ransom.
The creation of the page indicates that Entrust - if Lockbit was indeed the bad actor as claimed - had yet to bend to LockBit's demands.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/08/22/entrust_lockbit_ddos_ransomware/
Related news
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks (source)
- Critical SonicWall SSLVPN bug exploited in ransomware attacks (source)
- NoName ransomware gang deploying RansomHub malware in recent attacks (source)
- New PIXHELL acoustic attack leaks secrets from LCD screen noise (source)
- Port of Seattle hit by Rhysida ransomware in August attack (source)
- AutoCanada says ransomware attack "may" impact employee data (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)