LockBit, the infamous ransomware gang claims to have stolen data from consulting and IT services provider Kearney & Company.
A bit more on K&C
Among the largest CPA firms in the country, Kearney provides services across the financial management spectrum for government entities. Services offered by the company include auditing, consulting, and information technology. In addition, it has improved the efficiency and effectiveness of the Federal Government's financial operations.
The Lockbit 3.0 gang added Kearney & Company to its list of victims on November 05. If Kearney & Company does not pay the ransom by November 26, 2022, the data will be published. An example of the stolen data is being published by the ransomware gang at the moment, which includes financial documents, contracts, audit reports, and billing records.
The ransomware gang is demanding the payment of $2M to destroy the stolen data and $10K to extend the timer for 24H.
Recent attacks and developments
The LockBit ransomware group targets many industries and organizations throughout the world. One of the most well-known Raas enterprises, LockBit, has experienced unheard-of growth since its start in 2019.
LockBit ransomware groups recently claimed responsibility for hacking Continental and Thales, two major defense companies.
Earlier this week, LockBit 3.0 was seen spreading via Amadey Bot, found by the ASEC analysis team.
Lockbit’s self-development program
With the launch of LockBit 3.0, the ransomware group introduced new extortion tactics and accepts Zcash as payment.
LockBit 3.0 attempted to tempt researchers to share bug bounty reports and, in turn, promised rewards ranging between $1,000 and $1 million.
LockBit ransomware reportedly pays hefty bounties for brilliant ideas on improving the ransomware operation and for doxxing the affiliate program manager.
LockBit’s, a much more aggressive ransomware
Researchers at DarkFeed found that LockBit affiliates claimed 103 victims in September alone.
In Q2 2022, LockBit held the record for the most victims (231) among cybercrime groups, according to a report by Digital Shadows.
Throughout its history, LockBit has affected 1,157 victims, far more than Conti (900), Hive (192), and BlackCat (177).
Closing thoughts
LockBit ransomware is, undoubtedly, one of the most active ransomware gangs. This is because it is continually updating its tactics, technology, and payment methods. Therefore, it is vital for security and network professionals to stay up to date with the ransomware group’s movements.