Ransomware, Malware, Email security, Vulnerability Management
Fraudulent copyright claims leveraged for LockBit ransomware spread
Affiliates of the LockBit ransomware operation have been leveraging fake copyright violation claims as phishing lures to facilitate malware spread, BleepingComputer reports.
Copyright violation emails sent by attackers demanded recipients to remove infringing content from their sites but asked recipients to download and open an attached file to determine the unfairly used content, a report from AhnLab revealed. Opening the file with a PDF-disguised NSIS installer will prompt loading and file encryption with LockBit 2.0 ransomware.
Similar lures have been used to spread the Bumblebee and BazarLoader malware loader, according to BleepingComputer.
The new LockBit phishing lure comes after NCC Group reported LockBit 2.0's domination in ransomware attacks last month. LockBit victimized 95 organizations last month alone, compared with the 65 victims of Black Basta, BlackCat, Conti, and Hive combined.
Intel 471 researchers also noted that LockBit 2.0 was the most prolific ransomware gang in the fourth quarter of 2021.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds