LockBit

Written By TheDarkMentor

From the beginning. LockBit is criminal cyber organization that boasts Ransomware-as-a-Service (Raas) capabilities. The group has been observed targeting hospitals, schools and financial institutions such as banks. I think we can all agree targeting banks is pretty freaking scummy but well what can you expect from a group that only cares about money?

Now we are here to just discuss them not speak about moral or ethical dilemmas in different groups. At the end of the day they are richer than me, so maybe they are doing something right and I am doing something wrong, tragic thoughts.

LockBit has a group has been around since around 2019 with has gone through several transformations since then.

  • In 2020 LockBit 1.0 was released in January 2020 as ABCD ransomware. (You may dislike them but ABCD ransomware I think is kind of a funny name).

  • 2021 LockBit 2.0 was released named LockBit Red in conjunction with their exfiltration tool StealBit. (Aptly named for their groups nomenclature. Simple and straightforward, gotta admit kinda fire).

  • LockBit 3.0 released back in March of 2022. Interestingly enough, a developer got pissed and leaked this information out. (I should probably write another post about this).

    • Imagine being part of a criminal organization and getting mad so you just start talking about all the bad things you have done with them and leaking information to the world. That is some soft as baby shit behavior.

  • Then there is LockBitSupp the “CEO” of LockBit who professionalized the group and ran it like an actual business. Getting caught or not our guy has a keenly developed tradecraft in business. Could have made it pretty far. I am super excited to see the man (or woman) behind the mask when the details are released.

    • This dude is so confident in himself he offered a $10 million reward if you could find his real identity.

      • One that is hilarious because he is that confident

      • Two, even if you did find the name, not like he would actually admit it and pay you. That would be incredibly unwise for a criminal to do.

This past Monday it was observed that the FBI and U.K.’s National Crime Agency and others I have no idea of seized the main website used by LockBit.

What I really want to talk about is the message from law enforcement. “LockBitSupp has engaged with Law Enforcement”.

We have to sit here and all actually laugh at this super hard. It does not say LockBitSupp is snitching on everybody BUT it is presented as the “CEO” may be snitching.

If I was him I would be PISSED. However, that may just be what they want him to be and law enforcement is playing 4D chess to get him to speak. Doesn’t matter to me either way this is amusing and we have to stay tuned for more.

As always. Stay Curious.

TheDarkMentor
Next

Careful What You’re Using