Michael sent this Ars Technica article to TSB’s list titled Ransomware associated with LockBit still spreading 2 days after server takedown written by Dan Goodin.
This one is interesting, as this version of what could be LockBit could be in fact others using it in combination with other things including Cobolt Strike.
I don’t remember if Cobolt Strike was ever installed with LockBit, but from what I’ve read, I don’t think so.
Brian Krebs also wrote about LockBit’s demise and resurrection FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga. was written on the 25th, two or three days after the news of the takedown happened.
That article said nothing about this apparent strain of the biggest Ransomware that has been known to be out there.
To be fair, I’m no expert, but anything is possible with older versions either leaked or not supported by the offical gang.
Brian’s article talked about the original guy who was taunting authorities and even put a 10 million dollar bounty on his own head.
You can read both articles and let me know what you think. Could there be an interesting Ars angle that we should be aware of in regards to the group?
I guess we’ll find out as time goes on.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.