Menu
On Wednesday 11th of January 2023, the UK’s largest mail delivery service, Royal Mail disclosed a cyber attack against them that forced them to halt their international shipping services. Then on Thursday 12th of January 2023, it was reported by news outlets that the cyber attack was confirmed to be a ransomware attack by an individual using the LockBit 3.0 encryptor. This confirmation came after ransom notes were being printed out where the notes included multiple links to the LockBit ransomware operation’s Tor data leak sites and negotiation sites.
Initially, the LockBit ransomware gang denied responsibility for the cyber attack against Royal Mail, and they blamed it on other threat actors using their leaked builder which was leaked in September 2022 via Twitter. However, the LockBit operation has now confirmed that it is behind the attack on Royal Mail in a post to a Russian-speaking hacking forum as they publicly stated that they determined which affiliate conducted the attack and will only provide a decryptor and delete stolen data after a ransom is paid.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
