Lockbit v3.0

Malware updated 4 months ago (2024-05-04T18:55:50.375Z)

Download STIX

Preview STIX

LockBit v3.0 is a malicious software variant, known for its capability to encrypt up to 25,000 files per minute. This potent ransomware was first encountered almost a year ago, and despite not being the fastest of its kind, it poses a significant threat due to the average time required to detect and mitigate a breach—approximately 280 days. Its primary mode of operation involves exploiting and damaging computer systems, often infiltrating through suspicious downloads, emails, or websites without the user's knowledge. Once embedded, LockBit v3.0 can disrupt operations, steal personal information, or hold data hostage for ransom. Around the same time as the release of LockBit v3.0, another malware, BabLock, emerged. However, our analysis indicates that most of BabLock's structure still resembles LockBit v2.0, leading us to believe that it may originate from a different affiliate or group. The timing of their appearances led to initial speculation about a potential connection between the two entities. However, after nearly a year since the introduction of LockBit v3.0, recent attacks involving BabLock have shown no changes in its payload. This observation strengthens our stance that BabLock and the actual LockBit group are neither connected nor closely affiliated. Despite the similarities in their modus operandi and the coincidental timing of their emergence, these two threats appear to be distinct, each posing unique challenges in cybersecurity.

Description last updated: 2023-08-16T16:18:25.072Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Payload

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

ID	Type	Votes	Profile Description
Lockbit	is related to	2	LockBit is a malicious software, or malware, that has been notably active and damaging in the cyber world. Known for its ability to infiltrate systems often without detection, it can steal personal information, disrupt operations, and even hold data hostage for ransom. In the first half of 2024, Loc
Bablock	Unspecified	2	BabLock, also known as Rorschach, is a type of malware that operates as ransomware. First identified by Check Point Research in April 2023, this harmful software infiltrates computer systems and devices, often without the user's knowledge, with the aim to exploit, damage, and potentially hold data h

Source Document References

Information about the Lockbit v3.0 Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	a year ago	An Analysis of the BabLock Ransomware
CERT-EU	a year ago	Why Your Detection-First Security Approach Isn't Working
Trend Micro	a year ago	An Analysis of the BabLock Ransomware