Trend™ Research has identified and analyzed the source binaries of a new LockBit version in the wild, which is the latest from the group’s activities following the February 2024 law enforcement operation (Operation Cronos) that disrupted their infrastructure.
In early September, the LockBit ransomware group reportedly resurfaced for their sixth anniversary, announcing the release of “LockBit 5.0”. Trend Research discovered a binary available in the wild and began analysis that initially discovered a Windows variant and confirmed the existence of Linux and ESXi variants of LockBit 5.0. This latest news continues the group’s established cross-platform strategy seen since LockBit 2.0 in 2021.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH)
August 4, 2020
An Iranian hacking group known as Oilrig has become the first publicly known threat actor to incorporate the DNS-over-HTTPS (DoH) protocol in its attacks. Speaking in a webinar last week, Vincente Diaz, a malware analyst for antivirus maker Kaspersky, said the change happened in May this year when Oilrig added a new tool to its hacking ...
- Unveiling the Hidden Risks of Industrial Automation Programming
August 4, 2020
Robots and other programmable industrial machines are the backbone of the manufacturing industry. Without them, the large-scale and fast-paced production that our modern economy depends on would simply be impossible. Critical sectors — from automotive and avionics to pharmaceuticals and food production — are reliant on these machines for the precise and efficient actions that ...
- INTERPOL report shows alarming rate of cyberattacks during COVID-19
August 4, 2020
An INTERPOL assessment of the impact of COVID-19 on cybercrime has shown a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure. With organizations and businesses rapidly deploying remote systems and networks to support staff working from home, criminals are also taking advantage of increased security vulnerabilities to steal data, ...
- Vulnerable perimeter devices: a huge attack surface
August 4, 2020
With the increase of critical gateway devices deployed to support off-premise work, companies across the world have to adapt to a new threat landscape where perimeter and remote access devices are now in the first line. Companies lack visibility into the growing network of internet-connected services and devices that support the new work paradigm; and the ...
- WastedLocker ransomware abuses Windows feature to evade detection
August 4, 2020
The WastedLocker ransomware is abusing a Windows memory management feature to evade detection by security software. Before we get to how WastedLocker is evading detection, it is necessary to understand how anti-ransomware solutions detect ransomware. Anti-ransomware solutions will monitor the operating system for file system calls traditionally used by ransomware when encrypting a file. Read more… Source: Bleeping Computer
- Netgear Won’t Patch 45 Router Models Vulnerable to Serious Flaw
August 4, 2020
Netgear will not patch 45 router models that are vulnerable to a high-severity remote code execution flaw, the router company revealed last week. However, the company says that routers that won’t receive updates are outdated or have reached EOL (End of Life). The remote code execution vulnerability in question, which was disclosed June 15, allows network-adjacent ...

