Lockbit Red

Malware updated 4 months ago (2024-05-04T22:18:37.243Z)
Download STIX
Preview STIX
LockBit, a notorious ransomware, underwent a significant upgrade to LockBit 2.0 (also known as LockBit Red) in mid-2021. This malware version, designed to exploit and damage computer systems, was often propagated through suspicious downloads, emails, or websites. Once infiltrated, it could steal personal information, disrupt operations, or even hold data hostage for ransom. Alongside the release of LockBit Red in June 2021, the developer also introduced StealBit, a tool specifically designed for data exfiltration. The developer behind LockBit has shown consistent efforts in improving the ransomware over time. Following the release of LockBit Red, LockBit 3.0 (also known as LockBit Black) was launched in early 2022. It is highly probable that the group also upgraded its decryption tool during these iterations. Each new version of LockBit, including LockBit Black, LockBit Red, and LockBit Green (based on Conti Source code), came with increased capabilities and potential threats. In January 2023, the most recent version of the ransomware, LockBit Green, was released. This version shares 89% of its code with Conti v3 ransomware, a notorious malware from the now-disbanded Conti gang. Despite being relatively new, LockBit Green has already been used to attack at least five victims. This highlights the escalating threat posed by the continuous evolution of the LockBit ransomware.
Description last updated: 2024-05-04T21:31:59.483Z
What's your take? (Question 1 of 4)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Lockbit Black
4
LockBit Black, also known as LockBit 3.0, is a sophisticated malware variant that emerged in early 2022. This malicious software encrypts files and disrupts operations on infected devices, often demanding a ransom for the restoration of data. Developed as an iteration of LockBit 2.0 (LockBit Red) re
Lockbit Green
2
LockBit, also known as Gold Mystic and Water Selkie, is a notorious ransomware group that has been active since its inception in September 2019. It has developed several variants of its malware over the years, including LockBit 1.0, LockBit 2.0, LockBit 3.0, and most recently, LockBit Green. The gro
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
IDTypeVotesProfile Description
LockbitUnspecified
5
LockBit is a malicious software, or malware, that has been notably active and damaging in the cyber world. Known for its ability to infiltrate systems often without detection, it can steal personal information, disrupt operations, and even hold data hostage for ransom. In the first half of 2024, Loc
ContiUnspecified
2
Conti is a notorious malware and ransomware operation that has caused significant damage to computer systems worldwide. The Conti group, believed to have around 200 employees, operated like a regular business, with internal communications revealing the organization's structure and operations. It was
Source Document References
Information about the Lockbit Red Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
6 months ago
Operation Cronos: Who Are the LockBit Admins
CERT-EU
7 months ago
LockBit Taken Down: What Comes Next? - ReliaQuest
CISA
a year ago
Understanding Ransomware Threat Actors: LockBit | CISA
Malwarebytes
2 years ago
Ransomware review: February 2023
Fortinet
a year ago
Meet LockBit: The Most Prevalent Ransomware in 2022 | FortiGuard Labs
CERT-EU
a year ago
LockBit Ransomware Extorts $91 Million from U.S. Companies
Securityaffairs
2 years ago
LockBit Green ransomware variant borrows code from Conti one