Lockbit Green

Malware updated 5 months ago (2024-05-04T17:17:16.288Z)
LockBit, also known as Gold Mystic and Water Selkie, is a notorious ransomware group that has been active since September 2019. It has developed several variants of its malware over the years, including LockBit 1.0, LockBit 2.0, LockBit 3.0, and most recently, LockBit Green. The group became the most active ransomware entity in 2023, responsible for the majority of attacks of this nature. In some instances, victims were infected with as many as three different strains of LockBit (LockBit 2.0/Red, LockBit 3.0/Black, and LockBit Green).

LockBit Green, the latest variant, was released in January 2023. The LockBit team initially promoted it as a significant new version. However, security professionals quickly debunked this claim, finding that LockBit Green was essentially a rebranded version of a Conti encryptor. This appeared to be a strategic move by the group, which had been known for releasing a major new version each year. Despite the controversy surrounding its release, LockBit Green, along with other versions such as LockBit 2.0, LockBit 3.0, and LockBit Linux-ESXi Locker, remains available for affiliates' use on LockBit's panel. The ransomware group continues to pose a significant threat, with its malware capable of disrupting operations, stealing personal information, and holding data hostage for ransom.
Description last updated: 2024-04-25T11:16:17.072Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Alias Description | Votes
Conti is a possible alias for Lockbit Green. Conti is a notorious type of malware, specifically ransomware, that infiltrates computer systems to steal data and disrupt operations. The malicious software often spreads through suspicious downloads, emails, or websites, and once inside, it can hold data hostage for ransom. The Conti ransomware op | 6
Conti Encryptor is a possible alias for Lockbit Green. Conti Encryptor is a type of malware, a malicious software designed to exploit and damage computer systems. It can infiltrate systems through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once it has gained access, Conti Encryptor can cause s | 3
Lockbit Black is a possible alias for Lockbit Green. LockBit Black, also known as LockBit 3.0, is a malicious software that emerged in early 2022 following the release of its predecessor, LockBit 2.0 (or LockBit Red) in mid-2021. The malware has been developed to exploit and damage computer systems by encrypting files, often leading to ransom demands | 3
Lockbit Red is a possible alias for Lockbit Green. LockBit, a notorious ransomware, underwent a significant upgrade to LockBit 2.0 (also known as LockBit Red) in mid-2021. This malware version, designed to exploit and damage computer systems, was often propagated through suspicious downloads, emails, or websites. Once infiltrated, it could steal per | 2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Malware
macOS
Associated Malware
Alias Description | Association Type | Votes
The Lockbit Malware is associated with Lockbit Green. LockBit is a notorious malware that operates on a ransomware-as-a-service model, which has been responsible for significant cyber attacks across the globe. One of its most high-profile targets was Boeing, from whom the LockBit gang claimed to have stolen data. This incident not only disrupted operat | is related to | 9