LockBit ransomware has cost victims millions in the US alone

New report sheds light on one of the most prolific ransomware gans out there

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The notorious LockBitransomwaregang has stolen approximately $91 million just from victims in the United States since 2020, making it one of the most successful, if not the most successful, ransomware threats out there.

The news comes from a joint advisory, published earlier this week by the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI, Multi-State Information Sharing and Analysis Center (MS-ISAC), and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, France, and New Zealand.

Thousands of victims

As per theadvisory, in the last three years, the group successfully compromised roughly 1,700 American organizations. Last year alone, some 16% of all attacks targeted State, Local, and Tribunal (SLTT) governments, MS-ISAC’s data shows. So municipal governments, counties, educational institutions, and public service organizations, were some of the most popular targets.

“In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023,” the report claims.

Port of Lisbon hit by ransomware attack>Data breached at LA Housing Authority after ransomware attack>These are the best malware removal tools at the moment

But LockBit wasn’t entirely focused on these organizations. Private sector firms of all shapes and sizes were being targeted, as well: “Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.”

As per CSO Online, LockBit first formed in 2019, under the name ABCD, given to the group after the file extension that was left on encrypted files. It quickly rose to prominence, and by 2020, it was up to version 2.0. This variant of the encryptor was “the most impactful and widely deployed ransomware variant” to be observed in Q1 2022, according to researchers from Unit 42, Palo Alto Networks’ cybersecurityarm.

While the official number of victims is around 1,700, the group itself claims to have compromised more than 12,000 organizations.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics