The most recent in a long series of cyber extortion operations is the ransomware outbreak known as LockBit. It belongs to the subset of ransomware referred to as “crypto viruses” since its demands for decryption are based on a demand for money.
Potential victims will be hampered by the disturbance to the point where they are willing to pay a high price for the inconvenience. This can potentially cause widespread assaults on industries as diverse as healthcare and finance.
Threats Used by LockBit
The current LockBit ransomware outbreak poses a significant risk. The present trend towards working remotely may extend to several businesses and sectors. Discovering the many forms of LockBit might help you better understand the threat.
Variant 1 —. abcd extension
With the first release of LockBit, files that end in “.abcd” are renamed. A ransom note with requirements and instructions for supposed recoveries is also included in every folder, along with “Restore-My-Files.txt.”
Variant 2 —. LockBit extension
The second known variant of this ransomware included the “.LockBit” file extension, which led to the present name being assigned to it. Apart from some small tweaks behind the scenes, victims will not notice any major differences between this version and the previous one.
Variant 3 —. LockBit version 2
With the latest LockBit release, the ransom instructions no longer recommend using the Tor browser. Instead, it sends them to another website using a regular internet connection.
Ongoing alterations and upgrades to LockBit
LockBit now has more malicious features, such as the ability to bypass administrator permissions. LockBit eliminates the warnings users get when a programme attempts to run with administrative privileges.
The virus now has the capability to make backups of server data and includes new extortion demands. If the victim continues to ignore LockBit’s directives, the malware will leak the victim’s private data.
Conclusion
LockBit performs the role of ransomware as a service (RaaS). Parties intending to utilise tailored for-hire assaults pay a fee upfront and earn commissions via an affiliate system. LockBit’s dev team keeps up to a quarter of the ransom, and the attackers’ affiliates keep the rest.