LockBit ransomware now encrypts Windows domains using group policies


A new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies.

The LockBit ransomware operation launched in September 2019 as a ransomware-as-a-service, where threat actors are recruited to breach networks and encrypt devices.

In return, the recruited affiliates earn 70-80% of a ransom payment, and the LockBit developers keep the rest.

Read more…
Source: Bleeping Computer