LockBit ransomware group has struck again, adding three new victims to their dark web portal. The affected parties include Best Motel, Federal Electric Corp Ltd (FEC), and Construction CRD.
The targeted companies operate in various regions of the world, and there appears to be no apparent connection among them, as they belong to different industries.
The Cyber Express has tried to reach out to all the affected organizations in the alleged cyber attack by the LockBit ransomware group. However, all the listed companies’ websites operated normally and showed no signs of disruption.
Moreover, at the time of writing this, no official response or official statement had been received from the companies — making it more difficult to determine whether the threat actor’s claim of a cyber attack is accurate.
LockBit ransomware group lists three new victims
LockBit ransomware group has listed these three victims on its data leak site.
Best Motel, a hospitality establishment located in Vilsbiburg, Landshut, is the first victim being added to the leak data site, and the threat actor has posted a deadline for publishing the data set for August 7, 2023.
FEC, a prominent electric home appliance manufacturer in Thailand under the well-known SHARP brand, has also been listed by the LockBit ransomware group and faces the risk of sensitive data exposure.
The threat actor has uploaded information from FEC’s servers and is threatening to publish it if their demands are not met by the deadline of August 9, 2023.
Construction CRD, a leading residential construction expert in the Quebec region, has become the third victim of the LockBit ransomware group.
Specializing in construction services, CRD faces the same potential threat of confidential data being published on the dark web portal.
The LockBit ransomware group strikes again!
These three businesses have not been the only targets of the LockBit ransomware group’s attacks.
They recently asserted that they targeted West Oaks School, a place for kids with special needs. But that’s not all, the LockBit ransomware organization has claimed responsibility for numerous high-profile cyber attacks in 2022.
In fact, as noted in an advisory released by cybersecurity and law enforcement agencies in June 2023, LockBit ransomware has become one of the most common cyber dangers globally.
The ransomware employs a Ransomware-as-a-Service (RaaS) business model, luring affiliates to carry out attacks using its infrastructure and resources.
As a result, different tactics, methods, and procedures (TTPs) are used in different attacks. LockBit’s success can be ascribed to its original strategy and ongoing improvement of the RaaS and administration panel features.
The ransomware group recruits associates using unusual strategies like providing upfront extortion payments and designing an intuitive ransomware interface.
The impact of LockBit may be seen in several nations, as a large number of victims who refused to pay the ransom have appeared on leak sites.
Several cybersecurity and law enforcement organizations, including CISA, FBI, and MS-ISAC, have produced a Cybersecurity Advisory (CSA) to assist organizations in bolstering their defenses against LockBit ransomware group.
“LockBit ransomware operation functions as a Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure. Due to the large number of unconnected affiliates in the operation, LockBit ransomware attacks vary significantly in observed tactics, techniques, and procedures (TTPs)”, reads the advisory by CISA.
The LockBit ransomware group continues to pose a serious and persistent cyber threat to businesses worldwide. The threat actor is known to cause havoc, and its recent attacks on Best Motel, FEC, and Construction CRD are only the tip of the iceberg. Last year, it went on a cyberattack rampage that targeted numerous businesses globally.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
