LockBit Ransomware
LockBit Ransomware
09/23/2021
TLP: WHITE, ID# 202109231300
Agenda
? Introduction ? LockBit History ? LockBit v1.0 to v2.0 ? Affiliate Program ? Interviews ? Victims ? Mitigations
Slides Key: Non-Technical: Managerial, strategic and highlevel (general audience)
Technical: Tactical / IOCs; requiring in-depth knowledge (sysadmins, IRT)
2
Introduction
LockBit Overview ? LockBit attack on Accenture ? Claims fastest encryption ? Claims fastest file stealer ? Use RaaS model ? In it for the long haul ? Keep aware of LockBit!
3
LockBit History
LockBit (ABCD) Launched
Jan 2020
A History of Lockbit
Begins working with Maze gang
Sep 2020
LockBit v2.0 Debuts
Aug 2021
Sep 2019
Begins RaaS Affiliate Program
advertising on XSS
May 2020
Creates own Leak Site
Jun 2021
Accenture Attack
4
LockBit v1.1
Lockbit v1.1
? IP-based geolocation ? Persistence via COM interface task scheduling
and Windows registry hive ? Appending encrypted files with .abcd
? First ransom note version ? Debug file ? High CPU usage during encryption ? Use of exact copy of PhobosImpostor mutex
5
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- chief executive officer google llc
- supplemental reference for sars cov 2 omicron varient
- news from the u s department of the interior ocean
- youtube news pew research center
- sars cov 2 omicron variant
- williams riley statement of facts
- the art of aging well harvard university
- bill gates will use your microchipped body to mine
- the hidden tax
- lockbit ransomware