cross-posted from: https://monyet.cc/post/378426

Summary:

  • LockBit is a ransomware-as-a-service (RaaS) group that has been active since 2019.

  • The group is known for its aggressive tactics, including threatening to publish stolen data if victims do not pay the ransom.

  • However, a new report by Jon DiMaggio of Analyst1 claims that LockBit is having trouble publishing stolen data due to limitations in its backend infrastructure and available bandwidth.

  • DiMaggio says that LockBit has recently updated its infrastructure, but this is a gimmick to make it appear that the problem has been fixed.

  • As a result of these issues, LockBit’s reputation has been tarnished and some of its top affiliates have left for other ransomware groups.

  • It remains to be seen whether LockBit can address its infrastructure issues and regain its former prominence.

Additional details:

  • The group’s attacks have targeted a wide range of victims, including businesses, government agencies, and healthcare organizations.

  • LockBit typically demands a ransom of several million dollars in exchange for not publishing stolen data.

  • The group has a reputation for being very aggressive and has been known to follow through on its threats to publish stolen data.