- The LockBit ransomware group has targeted four new companies including US-based Bemes, Inc., Spirit Leatherworks, and Robert F. Pagano & Associates, as well as China-based Goldwind.
- While the websites of most the affected companies were operating normally, Goldwind and Robert F Pagano & Associates’ websites encountered loading errors.
- The LockBit group has given each victim distinct deadlines for data release or they face exposure of their data on the dark web.
- LockBit, a Russian-speaking ransomware group, has carried out over 1700 cyberattacks on US-based enterprises according to the Cybersecurity and Infrastructure Security Agency (CISA).
The LockBit ransomware group has announced four new victims in their latest cyberattacks – Bemes, Inc., Spirit Leatherworks, Robert F. Pagano & Associates in the US and Goldwind based in China. While the cybercriminal group has claimed responsibility, these assertions remain unconfirmed pending official statements from the affected companies.
Following the attacks, most of the victims’ websites operated as usual. However, the websites of Goldwind and Robert F Pagano & Associates encountered technical issues and displayed error messages advising visitors to contact the site owner if the problem continued.
The list of victims and their data has reportedly been disclosed on the group’s dark web data leak portal. The LockBit ransomware group has provided these companies with deadlines for data release with threats of exposing their data on the dark web if these deadlines are not met. The deadlines differ for each company – 17th December 2023 for Goldwind and varied deadlines for the three US-based companies between 14th and 21st December 2023.
LockBit is known for using double extortion tactics, jeopardizing victims’ data and threatening to leak it if their demands remain unmet. According to the US Government, LockBit has extorted as much as $91 million from their cyberattacks since 2020. The group uses self-spreading malware technology and double encryption making it one of the few ransomware groups to do so. The group first appeared in 2019 and has since focused on hacking thousands of companies across the globe, with particular emphasis on companies headquartered in the United States.
It is crucial to note that there is a growing need for enhanced cybersecurity measures and constant vigilance to combat these increasingly sophisticated cyberattacks.