New LockBit 5.0 Targets Windows, Linux, ESXi


Trend™ Research has identified and analyzed the source binaries of a new LockBit version in the wild, which is the latest from the group’s activities following the February 2024 law enforcement operation (Operation Cronos) that disrupted their infrastructure.

In early September, the LockBit ransomware group reportedly resurfaced for their sixth anniversary, announcing the release of “LockBit 5.0”. Trend Research discovered a binary available in the wild and began analysis that initially discovered a Windows variant and confirmed the existence of Linux and ESXi variants of LockBit 5.0. This latest news continues the group’s established cross-platform strategy seen since LockBit 2.0 in 2021.

Read more…
Source: Trend Micro


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Ransomware gang tries to extort Apple hours ahead of Spring Loaded event

    April 20, 2021

    The operators of the REvil ransomware are demanding that Apple pay a ransom demand to avoid having confidential information leaked on the dark web. The REvil crew claims it came into possession of Apple product data after breaching Quanta Computer, a Taiwanese company that is the biggest laptop manufacturer in the world and which is also ...

  • Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise

    April 20, 2021

    In March 2021, Mandiant Managed Defense identified three zero-day vulnerabilities in SonicWall’s Email Security (ES) product that were being exploited in the wild. These vulnerabilities were executed in conjunction to obtain administrative access and code execution on a SonicWall ES device. The adversary leveraged these vulnerabilities, with intimate knowledge of the SonicWall application, to install a ...

  • Just What The Cyber Doctors Ordered – OT For Pharmaceutical Companies

    April 20, 2021

    Several digital attacks against pharmaceutical companies have made news in the past few years. Back in 2017, for instance, Merck fell victim to NotPetya. The wiper malware spread to the pharmaceutical giant’s headquarters, rendered years of research inaccessible, affected various production facilities and caused $1.3 billion in damages, according to Bloomberg News. A couple of ...

  • ‘High-level’ organiser of FIN7 hacking group sentenced to ten years in prison

    April 19, 2021

    The US Department of Justice described Ukranian national Fedir Hladyr, 35, as a systems administrator for the FIN7 hacking group. He was arrested in Germany, in 2018 at the request of U.S. law enforcement and was extradited to Seattle. In September 2019, he pleaded guilty to conspiracy to commit wire fraud and one count of conspiracy ...

  • The Security dilemma of smart factories [Part 3] Fundamental security risks in robot languages

    April 19, 2021

    Industrial robots are the core of the automation of manufacturing processes in smart factories, and are the most important components as they support the manufacture of all kinds of products such as automobiles, aircraft, processed foods, and pharmaceuticals. In addition, as equipment that realizes unmanned manufacturing in the post-COVID-19 world where minimal or no contact ...

  • Cybercrime rises by almost 40% in Moscow since beginning of 2021

    April 19, 2021

    The number of cyber crimes in Moscow rose by almost 40% since the beginning of the year, “More than 14,600 crimes involving information and communication technologies were recorded in Moscow in the first quarter of the year, up 38% compared to the same period last year,” the statement reads. According to the prosecution authorities, most cyber criminals ...