A new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies.
The LockBit ransomware operation launched in September 2019 as a ransomware-as-a-service, where threat actors are recruited to breach networks and encrypt devices.
In return, the recruited affiliates earn 70-80% of a ransom payment, and the LockBit developers keep the rest.
Read more…
Source: Bleeping Computer