AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

LockBit's tenacious activity despite global investigations

Challenges and countermeasures in the war against the LockBit cyber criminal group

LockBit, a cybercriminal group, continues to launch attacks despite international legal action. Security specialists have discovered new vulnerabilities exploited by the group and Trend Micro analyzes an advanced version of their malware.

This pill is also available in Italian language

Despite the recent Operation Cronos, which led to significant action against the LockBit cyber criminal group, a resurgence of their malicious activity has been detected. The Sophos and Huntress security teams highlighted new attacks linked to this group within 24 hours, indicating the use of exploits for critical vulnerabilities in Connectwise's ScreenConnect application, tracked as CVE-2024-1708 and CVE-2024-1709. ConnectWise has already released updates to mitigate these system weaknesses. Huntress researcher John Hammond mentions attacks on entities such as veterinary clinics and local government offices.

Attribution of attacks remains complex

Security experts could not confirm whether the recent attacks use the original version of LockBit or an "unofficial" variant that spread in 2022. The proliferation of malware versions outside the control of the original creators makes it difficult to trace malicious campaigns to the source principal. This situation confirms the resilience of LockBit, also following the joint efforts of law enforcement authorities at the international level.

LockBit: Persistence despite international operations

The breadth of LockBit's infrastructure, its affiliates and global reach, highlights the fact that law enforcement efforts may not have been sufficient to completely extinguish the threat. The latest attacks could be interpreted as a demonstration that the group has the ability to continue its criminal actions despite the obstacles encountered.

Trend Micro analyzes a new version of LockBit

Security company Trend Micro has obtained a sample of an upcoming version of the LockBit malware (presumably LockBit 4.0), developed in .NET, compressed with MPRESS and compiled using CoreRT, different from the previous one made in C/C++. While some features from previous versions are missing, the code appears to be at an advanced stage of development. This discovery constitutes a further step forward after the Cronos operation, allowing the authorities to deepen the analysis of this criminal phenomenon.

Follow us on Google News for more pills like this

02/25/2024 13:53

Marco Verro

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon