Security News > 2022 > August > LockBit ransomware blames Entrust for DDoS attacks on leak sites
The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data.
Soon after they started leaking data, researchers began reporting that the ransomware gang's Tor data leak sites were unavailable due to a DDoS attack.
Yesterday, security research group VX-Underground learned from LockBitSupp, the public-facing representative of the LockBit ransomware operation, that their Tor sites were under attack by someone they believed to be connected to Entrust.
In retaliation to the attack, LockBit's data leak sites now show a message warning that the ransomware gang plans to upload all of Entrust's data as a torrent, which will make it almost impossible to take down.
The ALPHV ransomware operation's data leak sites were also down this weekend in what is believed to be a DDoS attack.
While we will likely never know who is behind these attacks, it has shown how effective attacks like this can be in disrupting a ransomware gang's operations.
News URL
Related news
- BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks (source)
- JetBrains is still mad at Rapid7 for the ransomware attacks on its customers (source)
- Stanford: Data of 27,000 people stolen in September ransomware attack (source)
- LockBit ransomware affiliate gets four years in jail, to pay $860k (source)
- Nissan confirms ransomware attack exposed data of 100,000 people (source)
- LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada (source)
- LockBit ransomware kingpin gets 4 years behind bars (source)
- TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks (source)
- What the Latest Ransomware Attacks Teach About Defending Networks (source)
- CISA: Here’s how you can foil DDoS attacks (source)