According to an interesting report by Jon DiMaggio of Analyst1, who spent a year undercover gathering intelligence on the LockBit group, the ransomware gang is attempting to cover up “the fact it typically cannot consistently publish stolen data.”
And that’s clearly a problem for a cybercriminal gang which is using the threat of publishing exfiltrated data as its main lever for extorting a ransom from its victims.
DiMaggio claims that the problem “is due to limitations in [LockBit’s] backend infrastructure and available bandwidth.”
“LockBit recently updated its infrastructure to address these deficiencies. Nonetheless, it is a gimmick to make it appear that it corrected the previously mentioned problem with posting victim data. It claims victims’ “FILES ARE PUBLISHED”. Usually, it is a lie and a ploy to cover up the fact that LockBit cannot consistently host and publish large amounts of victim data via its admin panel, as promised to its affiliate partners. Further, over the past six months, LockBit has offered empty threats it didn’t act upon after many victims refused to pay. Yet, somehow, no one has noticed.”
I suppose if you steal a huge amount of data from many companies you need to ensure that you have the storage space and server infrastructure to leak it to the world.
On account of these and other issues (DiMaggio says a deadline to release an updated version of the ransomware has been missed, for example), the group’s reputation has been tarnished and some of LockBit’s top affiliates have left for other ransomware groups in recent months.
My guess is that companies might be a lot less inclined to pay a ransom if they believed it was less likely that their stolen data was actually going to be published…
It will be interesting to see if LockBit can address its infrastructure issue – perhaps by offering the data it has stolen from victimised companies via torrents instead.