SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.lockbit (Back to overview)

LockBit

There is no description at this point.

References
2023-10-03Luca Mella
@online{mella:20231003:lighting:38ade3d, author = {Luca Mella}, title = {{Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)}}, date = {2023-10-03}, url = {https://medium.com/@lcam/lighting-the-exfiltration-infrastructure-of-a-lockbit-affiliate-and-more-f57fbb7a4e79}, language = {English}, urldate = {2023-10-05} } Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)
LockBit LockBit Conti LockBit
2023-09-07PRODAFTPRODAFT
@online{prodaft:20230907:pti257:051897c, author = {PRODAFT}, title = {{PTI-257 (ex-Wizard Spider) - IOCs}}, date = {2023-09-07}, organization = {PRODAFT}, url = {https://github.com/prodaft/malware-ioc/tree/master/PTI-257}, language = {English}, urldate = {2023-09-18} } PTI-257 (ex-Wizard Spider) - IOCs
LockBit LockBit
2023-08ANALYST1Jon DiMaggio
@online{dimaggio:202308:ransomware:43d8fc7, author = {Jon DiMaggio}, title = {{Ransomware Diaries: Volume 3 – LockBit’s Secrets}}, date = {2023-08}, organization = {ANALYST1}, url = {https://analyst1.com/ransomware-diaries-volume-3-lockbits-secrets/}, language = {English}, urldate = {2023-10-30} } Ransomware Diaries: Volume 3 – LockBit’s Secrets
LockBit
2023-07-26TalosNicole Hoffman
@online{hoffman:20230726:incident:4731c33, author = {Nicole Hoffman}, title = {{Incident Response trends Q2 2023: Data theft extortion rises, while healthcare is still most-targeted vertical}}, date = {2023-07-26}, organization = {Talos}, url = {https://blog.talosintelligence.com/talos-ir-q2-2023-quarterly-recap/}, language = {English}, urldate = {2023-08-03} } Incident Response trends Q2 2023: Data theft extortion rises, while healthcare is still most-targeted vertical
BianLian Clop LockBit Royal Ransom LockBit 8Base BianLian Clop LockBit Money Message Royal Ransom
2023-06-22Kaspersky LabsGReAT
@online{great:20230622:lockbit:a9c1d00, author = {GReAT}, title = {{LockBit Green and phishing that targets organizations}}, date = {2023-06-22}, organization = {Kaspersky Labs}, url = {https://securelist.com/crimeware-report-lockbit-switchsymb/110068/}, language = {English}, urldate = {2023-07-11} } LockBit Green and phishing that targets organizations
LockBit LockBit
2023-05-16KrebsOnSecurityBrian Krebs
@online{krebs:20230516:russian:b526450, author = {Brian Krebs}, title = {{Russian Hacker “Wazawaka” Indicted for Ransomware}}, date = {2023-05-16}, organization = {KrebsOnSecurity}, url = {https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/}, language = {English}, urldate = {2023-05-21} } Russian Hacker “Wazawaka” Indicted for Ransomware
Babuk Hive LockBit LockBit Babuk Hive LockBit
2023-03-30United States District Court (Eastern District of New York)Microsoft, Fortra, HEALTH-ISAC
@techreport{microsoft:20230330:cracked:08c67c0, author = {Microsoft and Fortra and HEALTH-ISAC}, title = {{Cracked Cobalt Strike (1:23-cv-02447)}}, date = {2023-03-30}, institution = {United States District Court (Eastern District of New York)}, url = {https://noticeofpleadings.com/crackedcobaltstrike/files/ComplaintAndSummons/1%20-Microsoft%20Cobalt%20Strike%20-%20Complaint(907040021.9).pdf}, language = {English}, urldate = {2023-04-28} } Cracked Cobalt Strike (1:23-cv-02447)
Black Basta BlackCat LockBit RagnarLocker LockBit Black Basta BlackCat Cobalt Strike Cuba Emotet LockBit Mount Locker PLAY QakBot RagnarLocker Royal Ransom Zloader
2023-01-16ANALYST1Jon DiMaggio
@online{dimaggio:20230116:unlocking:adf4dd9, author = {Jon DiMaggio}, title = {{Unlocking Lockbit: A Ransomware Story}}, date = {2023-01-16}, organization = {ANALYST1}, url = {https://analyst1.com/ransomware-diaries-volume-1/}, language = {English}, urldate = {2023-01-26} } Unlocking Lockbit: A Ransomware Story
LockBit LockBit
2022-09-28vmwareGiovanni Vigna
@online{vigna:20220928:esxitargeting:bd1ce9a, author = {Giovanni Vigna}, title = {{ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)}}, date = {2022-09-28}, organization = {vmware}, url = {https://blogs.vmware.com/security/2022/09/esxi-targeting-ransomware-the-threats-that-are-after-your-virtual-machines-part-1.html}, language = {English}, urldate = {2022-10-10} } ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)
Avoslocker Babuk Black Basta BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit Luna RansomEXX RedAlert Ransomware REvil
2022-07-18FortinetFortiGuard Labs
@online{labs:20220718:ransomware:69b4e95, author = {FortiGuard Labs}, title = {{Ransomware Roundup: Protecting Against New Variants}}, date = {2022-07-18}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-new-variants}, language = {English}, urldate = {2022-07-25} } Ransomware Roundup: Protecting Against New Variants
LockBit LockBit
2022-06-02Packtpacktsecurity
@online{packtsecurity:20220602:secpro:91d88bd, author = {packtsecurity}, title = {{A SecPro Super Issue: Understanding LockBit}}, date = {2022-06-02}, organization = {Packt}, url = {https://security.packt.com/understanding-lockbit/}, language = {English}, urldate = {2022-10-06} } A SecPro Super Issue: Understanding LockBit
LockBit LockBit BITWISE SPIDER
2022-05-09MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
@online{team:20220509:ransomwareasaservice:13ec472, author = {Microsoft 365 Defender Threat Intelligence Team and Microsoft Threat Intelligence Center (MSTIC)}, title = {{Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself}}, date = {2022-05-09}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself}, language = {English}, urldate = {2022-05-17} } Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT
2022-04-06SOCRadarSOCRadar
@online{socradar:20220406:lockbit:1908458, author = {SOCRadar}, title = {{Lockbit 3.0: Another Upgrade to World’s Most Active Ransomware}}, date = {2022-04-06}, organization = {SOCRadar}, url = {https://socradar.io/lockbit-3-another-upgrade-to-worlds-most-active-ransomware/}, language = {English}, urldate = {2022-10-06} } Lockbit 3.0: Another Upgrade to World’s Most Active Ransomware
LockBit LockBit BITWISE SPIDER
2022-03-31TrellixJohn Fokker, Jambul Tologonov
@online{fokker:20220331:conti:3bc2974, author = {John Fokker and Jambul Tologonov}, title = {{Conti Leaks: Examining the Panama Papers of Ransomware}}, date = {2022-03-31}, organization = {Trellix}, url = {https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-leaks-examining-the-panama-papers-of-ransomware.html}, language = {English}, urldate = {2022-04-07} } Conti Leaks: Examining the Panama Papers of Ransomware
LockBit Amadey Buer Conti IcedID LockBit Mailto Maze PhotoLoader Ryuk TrickBot
2022-03-31Bleeping ComputerBill Toulas
@online{toulas:20220331:lockbit:b93bcef, author = {Bill Toulas}, title = {{LockBit victim estimates cost of ransomware attack to be $42 million}}, date = {2022-03-31}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/lockbit-victim-estimates-cost-of-ransomware-attack-to-be-42-million/}, language = {English}, urldate = {2022-04-04} } LockBit victim estimates cost of ransomware attack to be $42 million
LockBit LockBit
2022-03-21COMPASS SECURITYBenjamin Bruppacher
@online{bruppacher:20220321:vpn:f61b485, author = {Benjamin Bruppacher}, title = {{VPN Appliance Forensics}}, date = {2022-03-21}, organization = {COMPASS SECURITY}, url = {https://blog.compass-security.com/2022/03/vpn-appliance-forensics/}, language = {English}, urldate = {2022-03-24} } VPN Appliance Forensics
LockBit
2022-02-14LIFARSVlad Pasca
@techreport{pasca:20220214:detailed:a0a0fde, author = {Vlad Pasca}, title = {{A Detailed Analysis of The LockBit Ransomware}}, date = {2022-02-14}, institution = {LIFARS}, url = {https://lifars.com/wp-content/uploads/2022/02/LockBitRansomware_Whitepaper.pdf}, language = {English}, urldate = {2022-03-01} } A Detailed Analysis of The LockBit Ransomware
LockBit LockBit
2022-02-09DragosAnna Skelton
@online{skelton:20220209:dragos:89d2a68, author = {Anna Skelton}, title = {{Dragos ICS/OT Ransomware Analysis: Q4 2021}}, date = {2022-02-09}, organization = {Dragos}, url = {https://www.dragos.com/blog/industry-news/dragos-ics-ot-ransomware-analysis-q4-2021/}, language = {English}, urldate = {2022-02-14} } Dragos ICS/OT Ransomware Analysis: Q4 2021
LockBit Conti LockBit
2022-02-07FBIFBI
@techreport{fbi:20220207:cu000162mw:4b54d23, author = {FBI}, title = {{CU-000162-MW: Indicators of Compromise Associated with LockBit 2.0 Ransomware}}, date = {2022-02-07}, institution = {FBI}, url = {https://www.ic3.gov/Media/News/2022/220204.pdf}, language = {English}, urldate = {2022-02-09} } CU-000162-MW: Indicators of Compromise Associated with LockBit 2.0 Ransomware
LockBit LockBit
2022-01-24Trend MicroJunestherry Dela Cruz
@online{cruz:20220124:analysis:5807286, author = {Junestherry Dela Cruz}, title = {{Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant}}, date = {2022-01-24}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/a/analysis-and-Impact-of-lockbit-ransomwares-first-linux-and-vmware-esxi-variant.html}, language = {English}, urldate = {2022-01-25} } Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit LockBit
2022-01-21CrowdStrikeFalcon OverWatch Team
@online{team:20220121:better:42d5b2b, author = {Falcon OverWatch Team}, title = {{Better Together: The Power of Managed Cybersecurity Services in the Face of Pressing Global Security Challenges}}, date = {2022-01-21}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/better-together-global-attitude-survey-takeaways-2021/}, language = {English}, urldate = {2022-10-06} } Better Together: The Power of Managed Cybersecurity Services in the Face of Pressing Global Security Challenges
LockBit LockBit BITWISE SPIDER

There is no Yara-Signature yet.