LockBit Ransomware Distributed via Word Files Disguised as Resumes Posted By yeeun , January 18, 2024 AhnLab SEcurity intelligence Center (ASEC) has identified that LockBit ransomware is being distributed via Word files since last month. A notable point is that the LockBit ransomware is usually distributed by disguising itself as resumes, and recently found malicious Word files were also disguised as resumes [1]. The distribution method of LockBit ransomware using external URLs in Word files was first found in 2022 [2]. The recently discovered file names of malicious Word files are as follows. File name [[[231227_Yang**]]].docx…
2023 Sep – Deep Web and Dark Web Threat Trend Report Posted By ahnlabti , November 13, 2023 This trend report on the deep web and dark web of September 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actors. We would like to state beforehand that some of the content has yet to be confirmed to be true. Ransomware – Akira – ALPHV (BlackCat) – LockBit – RansomedVC Forum & Black Market – Data Breach Affecting 7 Million Users – Personal Information of Police Officers Leaked Threat Actor – Prosecution of Individuals Associated with the…
Distribution of LockBit Ransomware and Vidar Infostealer Disguised as Resumes Posted By kwonxx , November 8, 2023 The distribution method involving the impersonation of resumes is one of the main methods used by the LockBit ransomware. Information related to this has been shared through the ASEC Blog in February of this year. [1] In contrast to the past where only the LockBit ransomware was distributed, it has been confirmed that an Infostealer is also being included in recent distributions. [2] (This link is only available in Korean.) ‘Resume16.egg’ holds the LockBit ransomware disguised as a PDF file…
2023 Aug – Deep Web and Dark Web Threat Trend Report Posted By ahnlabti , October 23, 2023 This trend report on the deep web and dark web of August 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actors. We would like to state beforehand that some of the content has yet to be confirmed to be true. 1) Ransomware (1) ALPHV (BlackCat) (2) LockBit (3) NoEscape (4) MetaEncryptor (5) Rhysida 2) Forum & Black Market (1) The Return of Raccoon Stealer (2) Anonfiles Shut Down (3) Data Breach of Foreign Language Learning Website 3)…
