LockBit Cyberattacks Strike Again, Four More Victims in Their Wake

December 15, 2023
1 min read

The notorious LockBit ransomware group has claimed four more victims, bringing its total to thousands of companies targeted since 2019, primarily those headquartered in the United States. This time, the cybercriminals targeted U.S.-based companies Bemes, Inc., Spirit Leatherworks, and Robert F Pagano & Associates, as well as China-based firm Goldwind. While the hackers have claimed responsibility for these attacks, official statements from the affected companies are yet to verify this claim. The LockBit gang allegiance is thought to be with Russian organizations and, according to the U.S. Government, it has extorted approximately $91 million since 2020.

  • Bemes, Inc.: A company based in Fenton, Missouri that specializes in the rental, servicing, repair, and sale of respiratory and respiratory-related equipment.
  • Spirit Leatherworks: Based in Torrance, California, this company designs, manufactures, and distributes leather goods including bags, belts, and accessories.
  • Robert F Pagano & Associates: A business advisory and CPA firm based in Boston, Massachusetts.
  • Goldwind: A Chinese multinational that develops, manufactures, and markets wind turbine generators and related parts. It also constructs and operates wind power plants.

LockBit has been active for over four years and uses double extortion tactics, such as encrypting victims’ data and threatening to leak it if their demands are not met. They have targeted organizations worldwide, such as the Royal Mail and Boeing, and implemented innovative attack methods like self-spreading malware technology and double encryption. The Cybersecurity and Infrastructure Security Agency (CISA) reported that LockBit has carried out at least 1,700 cyberattacks on different U.S.-based companies, typically using confidential information as leverage for extortion.

Latest from Blog

Top VPN’s privacy claims confirmed by independent auditors

TLDR: Independent auditors from Deloitte Romania confirmed CyberGhost VPN’s privacy claims through a detailed audit of their systems. Auditors found that CyberGhost’s no-logs infrastructure works as expected, ensuring user data privacy. Independent

MediSecure hacked with massive ransomware data breach

Summary of ‘MediSecure hit by large-scale ransomware data breach’ TLDR: MediSecure, an Australian prescriptions provider, was hit by a large-scale ransomware attack. The incident is believed to have originated from one of

Equalizing cybersecurity for all

TLDR: A discussion on how organizations can enhance their cybersecurity posture with Blumira’s automated threat monitoring, detection, and response solutions. Blumira is working to lower the barrier to entry in cybersecurity for