Key Points:
- The LockBit ransomware group has targeted four new companies, including three US-based businesses and one China-based establishment.
- The victims are Bemes, Inc., Spirit Leatherworks, Robert F. Pagano & Associates, and Goldwind.
- While the LockBit group has claimed responsibility for these engagements, official statements from the targeted entities are still awaited for confirmation.
The notorious LockBit ransomware group has broadened its victim base with four recent attacks targeting US-based firms Bemes, Inc., Spirit Leatherworks, and Robert F. Pagano & Associates, as well as China-based Goldwind. According to the group’s dark web data leak portal, each victim faces unique data release deadlines, although these timelines remain unverified until the impacted companies confirm.
Bemes, Inc., a healthcare equipment company that specializes in leasing and maintaining respiratory and respiratory-related equipment; Spirit Leatherworks, a designer, manufacturer, and distributor of leather goods; Robert F. Pagano & Associates, a CPA and business advisory firm based in Boston, Massachusetts; and Goldwind Science & Technology Co., Ltd. (Goldwind), a multinational from China that constructs and operates wind power plants, have all been identified as victims of these cyberattacks.
LockBit, an active ransomware group for over four years, is known for its double extortion methods – encrypting victims’ data and threatening its exposure if their demands are not met. The group has managed to extort approximately $91 million since 2020, according to the US Government, making it one of few ransomware groups to use self-spreading malware technology and double encryption. The LockBit group has also conducted at least 1700 cyberattacks on different US-based enterprises, according to the Cybersecurity and Infrastructure Security Agency (CISA). Their typical modus operandi involves extorting money via the capture of confidential information, which they then use as leverage.