Highly prolific LockBit ransomware-as-a-service operation had its inner workings exposed following a recent data leak, Hackread reports.
Aside from revealing the several payloads created by its affiliates, the LockBit breach also shed light on a low payout rate, as well as the RaaS group's failure to provide the decryption tool to victims that had fulfilled its demands, an analysis from Ontinue showed. Additional data from the breach not only revealed the extensive attack infrastructure of LockBit but also confirmed the group's key operators previously divulged as part of the Operation Cronos campaign. Affiliates were also noted to have employed tactics similar to sales representatives rather than cybercriminals. Such exposure of LockBit information was noted by Qualys Manager of Vulnerability Research Saeed Abbasi as an important threat intelligence resource. "By understanding which systems LockBit targeted and how affiliates customized payloads, security teams can better prioritize patching, harden overlooked systems, and improve basic access controls," said Abbasi.
Aside from revealing the several payloads created by its affiliates, the LockBit breach also shed light on a low payout rate, as well as the RaaS group's failure to provide the decryption tool to victims that had fulfilled its demands, an analysis from Ontinue showed. Additional data from the breach not only revealed the extensive attack infrastructure of LockBit but also confirmed the group's key operators previously divulged as part of the Operation Cronos campaign. Affiliates were also noted to have employed tactics similar to sales representatives rather than cybercriminals. Such exposure of LockBit information was noted by Qualys Manager of Vulnerability Research Saeed Abbasi as an important threat intelligence resource. "By understanding which systems LockBit targeted and how affiliates customized payloads, security teams can better prioritize patching, harden overlooked systems, and improve basic access controls," said Abbasi.
