In response to an enchanting report by Jon DiMaggio of Analyst1, who spent a 12 months undercover gathering intelligence on the LockBit group, the ransomware gang is making an attempt to cowl up “the actual fact it typically can not persistently publish stolen knowledge.”
And that’s clearly an issue for a cybercriminal gang which is utilizing the specter of publishing exfiltrated knowledge as its main lever for extorting a ransom from its victims.
DiMaggio claims that the issue “is because of limitations in [LockBit’s] backend infrastructure and obtainable bandwidth.”
“LockBit just lately up to date its infrastructure to handle these deficiencies. Nonetheless, it is a gimmick to make it seem that it corrected the beforehand talked about drawback with posting sufferer knowledge. It claims victims’ “FILES ARE PUBLISHED”. Typically, it is a lie and a ploy to cowl up the truth that LockBit can not persistently host and publish massive quantities of sufferer knowledge by way of its admin panel, as promised to its affiliate companions. Additional, over the previous six months, LockBit has introduced empty threats it didn’t act upon after many victims refused to pay. But, someway, nobody has seen.”
I assume when you steal an enormous quantity of information from many firms you must guarantee that you’ve got the space for storing and server infrastructure to leak it to the world.
On account of these and different points (DiMaggio says a deadline to launch an up to date model of the ranasomware has been missed, as an example), the group’s repute has been tarnished and a few of LockBit’s high associates have left for different ransomware teams in latest months.
My guess is that firms is perhaps lots much less inclined to pay a ransom in the event that they believed it was much less doubtless that their stolen knowledge was truly going to be revealed…
It is going to be fascinating to see if LockBit can deal with its infrastructure situation – maybe by providing the information it has stolen from victimised firms through torrents as a substitute.
Discovered this text fascinating? Comply with Graham Cluley on Twitter or Mastodon to learn extra of the unique content material we submit.