New LockBit 5.0 Targets Windows, Linux, ESXi


Trend™ Research has identified and analyzed the source binaries of a new LockBit version in the wild, which is the latest from the group’s activities following the February 2024 law enforcement operation (Operation Cronos) that disrupted their infrastructure.

In early September, the LockBit ransomware group reportedly resurfaced for their sixth anniversary, announcing the release of “LockBit 5.0”. Trend Research discovered a binary available in the wild and began analysis that initially discovered a Windows variant and confirmed the existence of Linux and ESXi variants of LockBit 5.0. This latest news continues the group’s established cross-platform strategy seen since LockBit 2.0 in 2021.

Read more…
Source: Trend Micro


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • European Commission, other EU orgs recently hit by cyber-attack

    April 6, 2021

    The European Commission and several other European Union organizations were hit by a cyberattack in March, according to a European Commission spokesperson. As revealed by the spokesperson, the “IT security incident” impacted multiple EU institutions, bodies, or agencies’ IT infrastructure. “We are working closely with CERT-EU, the Computer Emergency Response Team for all EU institutions, bodies and ...

  • Conti Gang Demands $40M Ransom from Florida School District

    April 6, 2021

    The Conti Gang has demanded a $40 million ransom from a Fort Lauderdale, Fla., school district after a ransomware attack last month. Attackers stole personal information from students and teachers, disrupted the district’s networks, and caused some services to be unavailable. The incident that was discovered on March 7 at Broward County Public Schools drew limited ...

  • SAP Bugs Under Active Cyberattack, Causing Widespread Compromise

    April 6, 2021

    Active cyberattacks on known vulnerabilities in SAP systems could lead to full control of unsecured SAP applications, researchers are warning. Adversaries are carrying out a range of attacks, according to an alert from SAP and security firm Onapsis issued Tuesday – including theft of sensitive data, financial fraud, disruption of mission-critical business processes and other operational ...

  • The leap of a Cycldek-related threat actor

    April 5, 2021

    In the nebula of Chinese-speaking threat actors, it is quite common to see tools and methodologies being shared. One such example of this is the infamous “DLL side-loading triad”: a legitimate executable, a malicious DLL to be sideloaded by it, and an encoded payload, generally dropped from a self-extracting archive. Initially considered to be the ...

  • Industrial IoT Needs to Catch Up to Consumer IoT

    April 5, 2021

    When it comes to cybersecurity, industrial IT—consisting mainly of operational technology (OT) and industrial control systems (ICS)—has failed to keep up with development in the enterprise IT world. That’s mostly because industries’ adoption of internet technology has been slower when compared with enterprises. It would take some time to close the gap, but concerted efforts have ...

  • 2020 Phishing Trends With PDF Files

    April 5, 2021

    From 2019-20, we noticed a dramatic 1,160% increase in malicious PDF files – from 411,800 malicious files to 5,224,056. PDF files are an enticing phishing vector as they are cross-platform and allow attackers to engage with users, making their schemes more believable as opposed to a text-based email with just a plain link. To lure users ...