Executive Summary
- LockBit ransomware was previously known as ABCD ransomware and belonged to the Maze ransomware cartel, but started independent activity in September 2019 as the Maze gang announced its retirement.
- Instead of rebranding the existing name like other ransomware groups, LockBit updated its own brand to 2.0 in June 2021, and now updated to LockBit 3.0 in June 2022.
- The Beta version of LockBit 3.0 was first mentioned while recruiting web pentesters on an underground forum on March 30, 2022.
- The “Affiliate Rule” is more detailed than any other RaaS group, and as the Conti ransomware ceased operations, it is speculated there will be a shift between affiliates with LockBit.
- LockBit seems to be trying to strengthen external attacks and OPSEC by starting their own Bug Bounty Program.
👉 You can check the full report in S2W Medium: