LockBit Ransomware



The U.S. Department of Justice recently indicted Russian national Dimitry Yuryevich Khoroshev and announced a $10 million reward for his alleged involvement with LockBit ransomware.

About LockBit Ransomware: 

  • It is malicious software designed to block user access to computer systems in exchange for a ransom payment.
  • It was formerly known as “ABCD” ransomware, but it has since grown into a unique threat within the scope of extortion tools.
  • It is a subclass of ransomware known as a ‘crypto virus’ due to forming its ransom requests around financial payment in exchange for decryption.
  • It focuses mostly on enterprises and government organizations rather than individuals.
  • It functions as ransomware-as-a-service (RaaS). Its operators are now working to create encryptors targeting Macs for the first time.
  • How it works
    • It works as self-spreading malware and needs no additional instructions once it has successfully infiltrated a single device with access to an organisational intranet.
    • It is also known to hide executable encryption files by disguising them in the .PNG format, thereby avoiding detection by system defences.
    • Attackers use phishing tactics and other social engineering methods to impersonate trusted personnel or authorities to lure victims into sharing credentials.
    • Once it has gained access, the ransomware prepares the system to release its encryption payload across as many devices as possible.
    • It then disables security programs and other infrastructure that could permit system data recovery.
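
A defender can check for the .PNG disguise described above by comparing each file's leading bytes with the PNG signature instead of trusting its extension. The sketch below is an added example, not part of the original article or of any vendor tool; the function names and the sample image are constructed for illustration, and it goes slightly beyond the text by also flagging data appended after a valid image's IEND chunk.

```python
import os
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Leading bytes of common executable formats (Windows, Linux, macOS).
EXEC_MAGICS = {b"MZ": "Windows PE", b"\x7fELF": "ELF", b"\xcf\xfa\xed\xfe": "Mach-O",
               b"\xca\xfe\xba\xbe": "Mach-O universal or Java class"}

def classify_png(data):
    """Return (verdict, detail) for the bytes of a file named *.png."""
    if not data.startswith(PNG_SIG):
        for magic, name in EXEC_MAGICS.items():
            if data.startswith(magic):
                return "executable", name
        return "not-png", "unrecognised header"
    pos = len(PNG_SIG)
    # Each chunk: 4-byte big-endian length, 4-byte type, body, 4-byte CRC.
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length
        if pos > len(data):
            return "malformed", "truncated chunk"
        if ctype == b"IEND":
            extra = len(data) - pos
            return ("trailing-data", f"{extra} bytes after IEND") if extra else ("ok", "")
    return "malformed", "no IEND chunk"

def scan_tree(root):
    """Map each suspicious .png file name under root to its verdict."""
    findings = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".png"):
                with open(os.path.join(folder, name), "rb") as fh:
                    verdict = classify_png(fh.read())
                if verdict[0] != "ok":
                    findings[name] = verdict
    return findings

def _chunk(ctype, body):
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def sample_png():
    """Constructed 1x1 greyscale PNG used as a known-good sample."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")  # filter byte + one pixel
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat) + _chunk(b"IEND", b"")
```

Calling `scan_tree()` on a directory returns only the files that need a closer look; a header mismatch is a triage signal, not proof of malicious content.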

Q1: What is Encryption?

Encryption is a way of scrambling data so that only authorized parties can understand the information. In technical terms, it is the process of converting human-readable plaintext to incomprehensible text, also known as ciphertext.

Source: U.S. announces $10 million bounty for alleged LockBit ransomware creator