Trend™ Research has identified and analyzed the source binaries of a new LockBit version in the wild, which is the latest from the group’s activities following the February 2024 law enforcement operation (Operation Cronos) that disrupted their infrastructure.
In early September, the LockBit ransomware group reportedly resurfaced for their sixth anniversary, announcing the release of “LockBit 5.0”. Trend Research discovered a binary available in the wild and began analysis that initially discovered a Windows variant and confirmed the existence of Linux and ESXi variants of LockBit 5.0. This latest news continues the group’s established cross-platform strategy seen since LockBit 2.0 in 2021.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Collecting In the Dark: Tropic Trooper Targets Transportation and Government
December 14, 2021
Earth Centaur, previously known as Tropic Trooper, is a long-running cyberespionage threat group that has been active since 2011. In July 2020, Trend Micro researchers noticed interesting activity coming from the group, and they have been closely monitoring it since. The actors seem to be targeting organizations in the transportation industry and government agencies related ...
- Log4j flaw: Nearly half of corporate networks have been targeted by attackers trying to use this vulnerability
December 14, 2021
The number of attacks aiming to take advantage of the recently disclosed security flaw in the Log4j2 Java logging library continues to grow. The vulnerability (CVE-2021-44228) was publicly disclosed on December 9 and enables remote code execution and access to servers. What makes it such a major issue is Log4j is widely used in commonly deployed ...
- Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
December 14, 2021
Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot and more in the form of fake applications. The patch came as part of the computing giant’s December Patch Tuesday update, which included a total of 67 fixes for security vulnerabilities. The patches cover the waterfront of Microsoft’s portfolio, affecting ...
- Arrest in Romania of a ransomware affiliate scavenging for sensitive data
December 13, 2021
Europol’s European Cybercrime Centre (EC3) has supported the Romanian National Police (Poliția Română) and the US Federal Bureau of Investigation (FBI) in arresting a ransomware affiliate targeting high-profile organisations and companies for their sensitive data. The suspect – a 41-year-old Romanian national – was arrested today at his home in Craiova, Romania, in the early hours ...
- Volvo Cars discloses security breach leading to R&D data theft
December 10, 2021
Swedish carmaker Volvo Cars has disclosed that unknown attackers have stolen research and development information after hacking some of its servers. “Volvo Cars has become aware that one of its file repositories has been illegally accessed by a third party,” the company disclosed today. “Investigations so far confirm that a limited amount of the company’s R&D property ...
- Irish Health Service ransomware attack happened after one staffer opened malware-ridden email
December 10, 2021
Ireland’s Health Service Executive (HSE) was almost paralysed by ransomware after a single user opened a malicious file attached to a phishing email, a consultancy’s damning report has revealed. Issued today, the report from PWC (formerly known as PriceWaterhouseCoopers) said that the hugely harmful Conti ransomware infection was caused because of the simplest attack vector known ...

