LockBit is one of the most active ransomware operations right now thanks to its open communication with threat actors and cybersecurity professionals through its public-facing operation, “LockBitSupp.” Because the operation is always adopting new techniques, technologies, and payment methods, it is essential for security and network specialists to stay up to date on the operation’s development and TTP.
The LockBit ransomware organization has been held responsible for the attack against Entrust, a prominent provider of digital security, in June. Entrust experienced a ransomware attack in June 2022. Entrust had already begun alerting customers to a breach when information was stolen from internal systems.
LockBit allegedly set up a dedicated data leak page for Entrust on its website, offering to disclose all of the stolen data. Entrust said that they were looking into the situation but did not elaborate on the attack or say whether it involved ransomware.
When ransomware gangs publish the material on their data leak sites, they usually do it gradually to encourage the victim to resume negotiations. Entrust may not have held talks with the ransomware operation or may not be inclined to accede to its demands if LockBit says it will expose all data.
Entrust warned its clients that “We have determined that some files were taken from our internal systems.” As we continue to investigate the situation, if we learn anything that we believe might have an effect on the security of the products and services we provide to your business, we’ll get in touch with you straight away.
Today, there has been news that LockBit is being DDoS’d because of the Entrust hack. When asked to them how they are so sure about it, they shared an image. Someone is DDoSing the LockBit blog hard right now. When asked to LockBitSupp about it, they claim that they’re getting 400 requests a second from over 1000 servers. As of this writing, the attack appears to be active. LockBit promised more resources & to “drain the ddosers money”