- LockBit ransomware group, which had an interesting interaction with Entrust, has announced that they are looking for DDoS-capable crew members.
- The notorious ransomware gang has already had more than 700 victims. Now, they plan to deliver triple-extortion attacks.
- The group took measures against DDoS attacks while they will leak a company’s data by randomizing the links in the ransom notes.
Last week, we have shared the news about the DDoS incident that happened while LockBit was about to leak Entrust’s data. While the origin of this attack is still unknown, LockBit was blaming Entrust. Well, it indeed looks like a counter-attack from Entrust, but there is no official word about it, yet. After this weird incident, LockBit operators announced that they have decided to dive into DDoS as well.
Immediate measures
As they received a possible counter-attack from Entrust while they are trying to leak the data of the company, the LockBit ransomware gang has already taken some measures against future attacks that aim to interfere with the leaking processes. The group now uses unique, randomized links in their ransom notes to make them unrecognizable by DDoS attackers. Additionally, they are increasing the number of mirrors as well as making further tweaks to successfully leak the files they want.
Speaking of DDoS attacks, the LockBit spokesperson has announced that they are looking for DDoS-capable members for their team to land triple-extortion attacks (encrypt data, leak data, and DDoS; all together). It is currently unknown when they are planning to deliver their unique, triple-extortion attack.