LockBit Ransomware

May 8, 2024

Recently, the USA has indicted Russian national Dimitry Yuryevich Khoroshev and announced a $10 million reward for his alleged involvement with LockBit ransomware.

About LockBit Ransomware:

  • It is malicious software designed to block user access to computer systems in exchange for a ransom payment.
  • It was formerly known as “ABCD” ransomware, but it has since grown into a unique threat within the scope of extortion tools.
  • It belongs to a subclass of ransomware known as ‘crypto virus’, because its ransom demands centre on financial payment in exchange for decryption.
  • It focuses mostly on enterprises and government organizations rather than individuals.
  • It functions as ransomware-as-a-service (RaaS).
  • It is now working to create encryptors targeting Macs for the first time.

 

  • Working:
    • It works as self-spreading malware that requires no additional instructions once it has successfully infiltrated a single device with access to an organisational intranet.
    • It is also known to hide executable encryption files by disguising them in the PNG format, thereby avoiding detection by system defences.
    • Attackers use phishing tactics and other social engineering methods to impersonate trusted personnel or authorities to lure victims into sharing credentials.
    • Once it has gained access, the ransomware prepares the system to release its encryption payload across as many devices as possible.
    • It then disables security programs and other infrastructure that could permit recovery of system data.
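
The PNG disguise noted above can be checked for on the defender's side by comparing a file's name with its actual content. The following is an added example, not code from the original page or from any LockBit analysis. It flags a ".png" file that starts with an executable header, fails PNG chunk validation, or carries data after the final IEND chunk. The function names and sample bytes are constructed for illustration, and the appended-data check is an assumption that goes beyond the page, which does not say how the disguise is built.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Leading magic bytes of common executable formats.
EXEC_MAGICS = {b"MZ": "Windows PE", b"\x7fELF": "ELF",
               b"\xcf\xfa\xed\xfe": "Mach-O 64-bit",
               b"\xca\xfe\xba\xbe": "Mach-O universal"}

def exec_type(data):
    """Return the executable format whose magic starts data, else None."""
    for magic, name in EXEC_MAGICS.items():
        if data.startswith(magic):
            return name
    return None

def inspect_png(data):
    """Classify the content of a file whose name ends in .png."""
    kind = exec_type(data)
    if kind:
        return f"{kind} executable renamed to .png"
    if not data.startswith(PNG_SIG):
        return "PNG signature missing"
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):  # length(4) + type(4) + CRC(4)
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):
            return "truncated chunk"
        body = data[pos + 8:end - 4]
        if zlib.crc32(ctype + body) != struct.unpack(">I", data[end - 4:end])[0]:
            return "chunk CRC mismatch"
        pos = end
        if ctype == b"IEND":  # nothing should follow the final chunk
            tail = data[pos:]
            if not tail:
                return "ok"
            return f"{len(tail)} bytes after IEND ({exec_type(tail) or 'unknown data'})"
    return "no IEND chunk"

def chunk(ctype, body):
    """Build one PNG chunk (used only for the constructed samples)."""
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body))

# Constructed samples: a valid 1x1 greyscale PNG and a fake PE stub (header bytes only).
CLEAN = (PNG_SIG + chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
         + chunk(b"IDAT", zlib.compress(b"\x00\x00")) + chunk(b"IEND", b""))
FAKE_PE = b"MZ" + bytes(62)

if __name__ == "__main__":
    for label, blob in [("clean", CLEAN), ("renamed", FAKE_PE), ("appended", CLEAN + FAKE_PE)]:
        print(label, "->", inspect_png(blob))
```

Any result other than "ok" for a file named ".png" is a reason to quarantine the file and review how it arrived on the host.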