Lockbit V3

Malware Profile Updated 3 months ago
Download STIX
Preview STIX
LockBit v3, also known as LockBit Black, is a potent malware that was initially detected in June 2022. This malicious software is designed to exploit and damage computer systems by encrypting files rapidly, often without the user's knowledge. It infiltrates systems through suspicious downloads, emails, or websites, potentially stealing personal information, disrupting operations, or holding data hostage for ransom. In September 2022, a significant event occurred when a builder for this variant was leaked online, making it accessible to a wider range of potential cybercriminals. The performance of LockBit v3 has been benchmarked against other similar threats. In tests conducted by Check Point on a system with 6 CPUs, 8GB RAM, and an SSD containing 220,000 files, LockBit v3 completed its file encryption routine in seven minutes, marking it as one of the fastest ransomware programs for file encryption. Despite its speed, it was still outperformed by another ransomware program named Rorschach, which completed its file encryption routine in just 4 minutes and 30 seconds. The leakage of the builder code for LockBit v3 in September 2022 opened up opportunities for unaffiliated cybercriminals to adopt this premier malware-making tool for their own ends. Researchers from Kaspersky observed a cyber intrusion in the fall of the same year, where a variant of LockBit v3 was used to encrypt an organization's critical systems. The incident highlighted the evolving threat landscape and the increasing sophistication of cyberattacks, underscoring the need for robust cybersecurity measures.
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Lockbit
3
LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt
Lockbit Black
3
LockBit Black, also known as LockBit 3.0, is a malware that emerged in early 2022, following the release of its predecessor, LockBit 2.0 (or LockBit Red) in mid-2021. This malicious software, designed to exploit and damage computer systems, encrypts files and often holds them hostage for ransom. The
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Malware
Encrypt
Encryption
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
RorschachUnspecified
1
Rorschach, also known as BabLock, is a malware variant that has been recognized for its speed and sophistication. It is a form of ransomware that encrypts files on infected systems at an unprecedented rate, with Check Point researchers noting it as one of the fastest ransomware variants ever observe
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Lockbit V3 Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
New Rorschach ransomware hits with unique features and very fast encryption
CERT-EU
a year ago
Cybercriminals Harness Leaked LockBit Builder in Wave of New Attacks
CERT-EU
a year ago
Leaked LockBit 3.0 ransomware builder used by multiple actors
Securityaffairs
a year ago
Leaked LockBit 3.0 ransomware builder used by multiple actors