{"id":6347,"date":"2022-02-05T17:31:14","date_gmt":"2022-02-05T08:31:14","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=6347"},"modified":"2022-03-30T17:34:56","modified_gmt":"2022-03-30T08:34:56","slug":"fbi-releases-flash-alert-against-lockbit-2-0-ransomware","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/fbi-releases-flash-alert-against-lockbit-2-0-ransomware\/","title":{"rendered":"FBI releases flash alert against LockBit 2.0 ransomware"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"6347\" class=\"elementor elementor-6347\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b1fea23 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b1fea23\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-123d84e\" data-id=\"123d84e\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d27be8e elementor-widget elementor-widget-text-editor\" data-id=\"d27be8e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>On Friday 4<sup>th<\/sup> of February 2022, the US Federal Bureau of Investigation (FBI) released a flash alert about indicators of compromise associated with LockBit 2.0 ransomware. The flash alert details the advances made in LockBit 2.0 since the LockBit ransomware gang became active in September 2019. LockBit 2.0, the second iteration of the original LockBit ransomware, was released in June 2021 after the gang had been banned from posting on cybercrime forums. 
The second iteration added many advanced features, such as \u201cthe automatic encryption of devices across windows domains by abusing Active Directory group policies\u201d. The alert also states that the gang had tried to recruit insiders at potential victims to establish initial access, promising them a portion of the proceeds of a successful attack. The gang was observed developing Linux-based malware that would target vulnerabilities within VMware ESXi virtual machines.<\/p><p>There is no clear reason why this flash alert has been released now, although the FBI is now asking admins and cybersecurity professionals to share any information on LockBit attacks with them.<\/p><p>&#8220;The FBI is seeking any information that can be shared, to include boundary logs showing communication to and from foreign IP addresses, a sample ransom note, communications with the threat actors, Bitcoin wallet information, the decryptor file, and\/or a benign sample of an encrypted file.&#8221; &#8211; US Federal Bureau of Investigation.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>On Friday 4th of February 2022, the US Federal Bureau of Investigation (FBI) released a flash alert about indicators of compromise associated with LockBit 2.0 ransomware. The flash alert details the advances made in LockBit 2.0 since the LockBit ransomware gang became active in September 2019. 
LockBit 2.0 is the second iteration of the original LockBit ransomware which was released<span class=\"excerpt-hellip\"> [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":6352,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,10,12,9,2,1],"tags":[],"class_list":["post-6347","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest_news","category-latest_vulnerabilities","category-read_article","category-ransomware_criminals","category-ce_news","category-uncategorized"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2022\/03\/Picture1-4.jpg?fit=1377%2C919&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6347"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=6347"}],"version-history":[{"count":6,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6347\/revisions"}],"predecessor-version":[{"id":6355,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6347\/revisions\/6355"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/6352"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=6347"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=6347"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=6347"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}