Lockbit V3

Malware updated 5 months ago (2024-05-04T18:35:31.168Z)

Download STIX

Preview STIX

LockBit v3, also known as LockBit Black, is a potent malware that was initially detected in June 2022. This malicious software is designed to exploit and damage computer systems by encrypting files rapidly, often without the user's knowledge. It infiltrates systems through suspicious downloads, emails, or websites, potentially stealing personal information, disrupting operations, or holding data hostage for ransom. In September 2022, a significant event occurred when a builder for this variant was leaked online, making it accessible to a wider range of potential cybercriminals. The performance of LockBit v3 has been benchmarked against other similar threats. In tests conducted by Check Point on a system with 6 CPUs, 8GB RAM, and an SSD containing 220,000 files, LockBit v3 completed its file encryption routine in seven minutes, marking it as one of the fastest ransomware programs for file encryption. Despite its speed, it was still outperformed by another ransomware program named Rorschach, which completed its file encryption routine in just 4 minutes and 30 seconds. The leakage of the builder code for LockBit v3 in September 2022 opened up opportunities for unaffiliated cybercriminals to adopt this premier malware-making tool for their own ends. Researchers from Kaspersky observed a cyber intrusion in the fall of the same year, where a variant of LockBit v3 was used to encrypt an organization's critical systems. The incident highlighted the evolving threat landscape and the increasing sophistication of cyberattacks, underscoring the need for robust cybersecurity measures.

Description last updated: 2023-11-29T04:41:42.897Z

What's your take? (Question 1 of 1)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Lockbit Black is a possible alias for Lockbit V3. LockBit Black, also known as LockBit 3.0, is a malicious software that emerged in early 2022 following the release of its predecessor, LockBit 2.0 (or LockBit Red) in mid-2021. The malware has been developed to exploit and damage computer systems by encrypting files, often leading to ransom demands	3

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Lockbit Malware is associated with Lockbit V3. LockBit is a notorious malware that operates on a ransomware-as-a-service model, which has been responsible for significant cyber attacks across the globe. One of its most high-profile targets was Boeing, from whom the LockBit gang claimed to have stolen data. This incident not only disrupted operat	is related to	3

Source Document References

Information about the Lockbit V3 Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	2 years ago	New Rorschach ransomware hits with unique features and very fast encryption
CERT-EU	a year ago	Cybercriminals Harness Leaked LockBit Builder in Wave of New Attacks
CERT-EU	a year ago	Leaked LockBit 3.0 ransomware builder used by multiple actors
Securityaffairs	a year ago	Leaked LockBit 3.0 ransomware builder used by multiple actors