Lockbit Red

Malware updated 7 months ago (2024-05-04T22:18:37.243Z)
Download STIX
Preview STIX
LockBit, a notorious ransomware, underwent a significant upgrade to LockBit 2.0 (also known as LockBit Red) in mid-2021. This malware version, designed to exploit and damage computer systems, was often propagated through suspicious downloads, emails, or websites. Once infiltrated, it could steal personal information, disrupt operations, or even hold data hostage for ransom. Alongside the release of LockBit Red in June 2021, the developer also introduced StealBit, a tool specifically designed for data exfiltration. The developer behind LockBit has shown consistent efforts in improving the ransomware over time. Following the release of LockBit Red, LockBit 3.0 (also known as LockBit Black) was launched in early 2022. It is highly probable that the group also upgraded its decryption tool during these iterations. Each new version of LockBit, including LockBit Black, LockBit Red, and LockBit Green (based on Conti Source code), came with increased capabilities and potential threats. In January 2023, the most recent version of the ransomware, LockBit Green, was released. This version shares 89% of its code with Conti v3 ransomware, a notorious malware from the now-disbanded Conti gang. Despite being relatively new, LockBit Green has already been used to attack at least five victims. This highlights the escalating threat posed by the continuous evolution of the LockBit ransomware.
Description last updated: 2024-05-04T21:31:59.483Z
What's your take? (Question 1 of 4)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Lockbit Black is a possible alias for Lockbit Red. LockBit Black, also known as LockBit 3.0, is a malicious software that emerged in early 2022 following the release of its predecessor, LockBit 2.0 (or LockBit Red) in mid-2021. The malware has been developed to exploit and damage computer systems by encrypting files, often leading to ransom demands
4
Lockbit Green is a possible alias for Lockbit Red. LockBit, also known as Gold Mystic and Water Selkie, is a notorious ransomware group that has been active since its inception in September 2019. It has developed several variants of its malware over the years, including LockBit 1.0, LockBit 2.0, LockBit 3.0, and most recently, LockBit Green. The gro
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Lockbit Malware is associated with Lockbit Red. LockBit is a malicious software, or malware, known for its damaging and exploitative functions. It infiltrates systems via dubious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or hold data hostage for ransom. The LockBit Unspecified
5
The Conti Malware is associated with Lockbit Red. Conti is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. Often spreading through suspicious downloads, emails, or websites, it can steal personal information, disrupt operations, or hold data hostage for ransom. Notably, Conti was linked to several raUnspecified
2
Source Document References
Information about the Lockbit Red Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more