AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

LockBit's tenacious activity despite global investigations

Challenges and countermeasures in the war against the LockBit cyber criminal group

LockBit, a cybercriminal group, continues to launch attacks despite international legal action. Security specialists have discovered new vulnerabilities exploited by the group and Trend Micro analyzes an advanced version of their malware.

This pill is also available in Italian language

Despite the recent Operation Cronos, which led to significant action against the LockBit cyber criminal group, a resurgence of their malicious activity has been detected. The Sophos and Huntress security teams highlighted new attacks linked to this group within 24 hours, indicating the use of exploits for critical vulnerabilities in Connectwise's ScreenConnect application, tracked as CVE-2024-1708 and CVE-2024-1709. ConnectWise has already released updates to mitigate these system weaknesses. Huntress researcher John Hammond mentions attacks on entities such as veterinary clinics and local government offices.

Attribution of attacks remains complex

Security experts could not confirm whether the recent attacks use the original version of LockBit or an "unofficial" variant that spread in 2022. The proliferation of malware versions outside the control of the original creators makes it difficult to trace malicious campaigns to the source principal. This situation confirms the resilience of LockBit, also following the joint efforts of law enforcement authorities at the international level.

LockBit: Persistence despite international operations

The breadth of LockBit's infrastructure, its affiliates and global reach, highlights the fact that law enforcement efforts may not have been sufficient to completely extinguish the threat. The latest attacks could be interpreted as a demonstration that the group has the ability to continue its criminal actions despite the obstacles encountered.

Trend Micro analyzes a new version of LockBit

Security company Trend Micro has obtained a sample of an upcoming version of the LockBit malware (presumably LockBit 4.0), developed in .NET, compressed with MPRESS and compiled using CoreRT, different from the previous one made in C/C++. While some features from previous versions are missing, the code appears to be at an advanced stage of development. This discovery constitutes a further step forward after the Cronos operation, allowing the authorities to deepen the analysis of this criminal phenomenon.

Follow us on Google News for more pills like this

02/25/2024 13:53

Editorial AI

Last pills

Career opportunities in Italian intelligence: entering the heart of securityFind out how to join the intelligence forces and contribute to national security

Hacker attack impacts Microsoft and US federal agenciesNational security implications and strategic responses to credential theft

Implications and repercussions of the serious cyberattack on the Lazio NHSConsequences and punitive measures after the ransomware attack that brought the regional healthcare system to its knees

Telecommunications security: flaw exposes conversations and 2FA to the risk of interceptionRisk of privacy violation through call diversion: measures and industry responses