Security News > 2023 > March > LockBit 3.0 Ransomware: Inside the Cyberthreat That's Costing Millions
U.S. government agencies have released a joint cybersecurity advisory detailing the indicators of compromise and tactics, techniques, and procedures associated with the notorious LockBit 3.0 ransomware.
"The LockBit 3.0 ransomware operations function as a Ransomware-as-a-Service model and is a continuation of previous versions of the ransomware, LockBit 2.0, and LockBit," the authorities said.
Since emerging in late 2019, the LockBit actors have invested significant technical efforts to develop and fine-tune its malware, issuing two major updates - LockBit 2.0, released in mid-2021, and LockBit 3.0, released in June 2022.
The two versions are also known as LockBit Red and LockBit Black, respectively.
"If a LockBit affiliate does not have access to passwordless LockBit 3.0 ransomware, then a password argument is mandatory during the execution of the ransomware."
The ransomware gang, notably, suffered a huge blow in late September 2022 when a disgruntled LockBit developer released the builder code for LockBit 3.0, raising concerns that other criminal actors could take advantage of the situation and spawn their own variants.
- LockBit ransomware goes 'Green,' uses new Conti-based encryptor (source)
- LockBit brags it pumped ION full of ransomware (source)
- LockBit ransomware gang claims Royal Mail cyberattack (source)
- New Exfiltrator-22 post-exploitation kit linked to LockBit ransomware (source)
- The Prolificacy of LockBit Ransomware (source)
- LockBit ransomware claims Essendant attack, company says “network outage” (source)