AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

LockBit's tenacious activity despite global investigations

Challenges and countermeasures in the war against the LockBit cyber criminal group

LockBit, a cybercriminal group, continues to launch attacks despite international legal action. Security specialists have discovered new vulnerabilities exploited by the group and Trend Micro analyzes an advanced version of their malware.

This pill is also available in Italian language

Despite the recent Operation Cronos, which led to significant action against the LockBit cyber criminal group, a resurgence of their malicious activity has been detected. The Sophos and Huntress security teams highlighted new attacks linked to this group within 24 hours, indicating the use of exploits for critical vulnerabilities in Connectwise's ScreenConnect application, tracked as CVE-2024-1708 and CVE-2024-1709. ConnectWise has already released updates to mitigate these system weaknesses. Huntress researcher John Hammond mentions attacks on entities such as veterinary clinics and local government offices.

Attribution of attacks remains complex

Security experts could not confirm whether the recent attacks use the original version of LockBit or an "unofficial" variant that spread in 2022. The proliferation of malware versions outside the control of the original creators makes it difficult to trace malicious campaigns to the source principal. This situation confirms the resilience of LockBit, also following the joint efforts of law enforcement authorities at the international level.

LockBit: Persistence despite international operations

The breadth of LockBit's infrastructure, its affiliates and global reach, highlights the fact that law enforcement efforts may not have been sufficient to completely extinguish the threat. The latest attacks could be interpreted as a demonstration that the group has the ability to continue its criminal actions despite the obstacles encountered.

Trend Micro analyzes a new version of LockBit

Security company Trend Micro has obtained a sample of an upcoming version of the LockBit malware (presumably LockBit 4.0), developed in .NET, compressed with MPRESS and compiled using CoreRT, different from the previous one made in C/C++. While some features from previous versions are missing, the code appears to be at an advanced stage of development. This discovery constitutes a further step forward after the Cronos operation, allowing the authorities to deepen the analysis of this criminal phenomenon.

Follow us on Telegram for more pills like this

02/25/2024 13:53

Editorial AI

Last pills

Large-scale data leak for Dell: impacts and responsesData of 49 million users exposed: IT security and privacy concerns

Microsoft strengthens cybersecurityNew policies and accountability measures to strengthen cybersecurity at Microsoft

"Emerging Threat: Social Media Platforms Vulnerable to New Exploit"New critical exploit discovered that threatens the security of millions of users of social platforms

Critical VPN flaw discovered: the TunnelVision attackA new type of DHCP attack threatens the security of VPN networks by exposing user data