07.05.22
Corvus Threat Intel

July 5, 2022: Lockbit Ransomware gets a makeover.

Lockbit Ransomware gets a makeover. Expect more of the same with a slightly different paint job.

One year after rising to prominence with the release of 2.0, Lockbit ransomware completes beta testing and releases version 3.0.

Researchers have yet to dive into all the upgrades to the 3.0 malware, but the Lockbit TOR site boasts a few operational changes including:

  • A bug bounty program for security researchers and hackers

  • A new offering to sell stolen data

  • Zcash is now an accepted cryptocurrency

Recommendations

While this “updated” ransomware boasts new features, its core business model remains the same: breaking into your network to steal and encrypt data. This means the same defenses still work. Good cyber practices such as enabling MFA across the organization, ensuring good backups, and deploying endpoint detection are no less effective against this updated ransomware.

[RELATED POST] August 1, 2022: Confluence Critical Vulnerability, Macros, & MSPs

August 1, 2022: Confluence Critical Vulnerability, Macros, & MSPs

From apps to MSPs, threat actors continue to find ways to gain entry into victims’ networks. 

[RELATED POST] July 25, 2022: DOJ Fund Recovery, the Dark Web Bargain Bin, VBA Macros Update

July 25, 2022: DOJ Fund Recovery, the Dark Web Bargain Bin, VBA Macros Update

Updates from Microsoft, new research on attack vectors, and good news from the Department of Justice.