Ransomware

Most threatening LockBit version yet examined

(Adobe Stock)

(Adobe Stock)

Active distribution of the new LockBit 5.0 ransomware variant, which is substantially more severe than the strain's older iterations, across Windows, Linux, and ESXi environments is already underway, reports Infosecurity Magazine.

All LockBit 5.0 strains across various platforms have improved user interfaces that enable increased flexibility and more comprehensive settings for affiliates, as well as more advanced anti-analysis mechanisms that pose greater recovery challenges, according to a Trend Micro analysis.

However, LockBit's latest version was noted to be an "evolutionary development" from LockBit 4.0, with both iterations having the same hashing algorithms for string operations, service identification, and API resolution components, as well as similar dynamic API resolution code structure.

"The existence of Windows, Linux, and ESXi variants confirms LockBit's continued cross-platform strategy. This enables simultaneous attacks across entire enterprise networks, from workstations to critical servers hosting databases and virtualization platform," said Trend Micro researchers.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Related

Over 45K hit by ransomware attack against Ohio county

Officials at Ohio's Union County have confirmed that data from 45,587 individuals had been compromised following a May ransomware attack, which has not yet been claimed by any known threat operation, reports The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds