The LockBit ransomware group’s latest tactics, as warned by the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC), involve the use of the Phorpiex Botnet in a large-scale phishing email onslaught. The campaign, known as the LockBit Black Ransomware Campaign, has been active since April 2024 and has sent around 9 million emails with ZIP file attachments containing malicious payloads.
The attack strategy is simple: employ the LockBit 3.0 version botnet to distribute malware. Once the recipient clicks on the attachment, a binary file is downloaded onto their system. Security experts, particularly from Proofpoint, have analyzed the phishing emails used in this campaign. These emails come with various subject lines like “Your document” and “Photo of You”, and use names such as Jenny Brown and Jenny Green. The emails come from over 1500 different addresses worldwide, originating from countries like China, Russia, Iran, Uzbekistan, and Kazakhstan.
To effectively combat such threats, experts stress the importance of proactive measures. NJCCIC recommends raising awareness among employees about common threats like phishing emails. Employees should exercise caution when dealing with emails from unknown sources, as they often contain links that lead to ransomware-related payloads. Despite several law enforcement interventions and seizures of their IT infrastructure, the LockBit cybercriminal group continues to carry out profitable malicious campaigns. Implementing email filtering tools to limit the spread of spam can offer an added layer of defense.
In a related development, the cybercrime group known as Salfetka, which has targeted companies like Yamaha Motors, Xerox Business, and Scotland’s National Health Services, has announced plans to sell the source code of INC Ransom for $300,000. This news highlights the changing landscape of cyber threats and the profitability of ransomware operations.
The ongoing efforts of cybercriminal groups to stay a step ahead of security measures underscore the need for continuous vigilance and updated security protocols. Organizations must remain informed about the latest tactics used by threat actors and prioritize cybersecurity awareness and training programs for their employees. With cyber threats becoming more sophisticated and lucrative, staying ahead of the curve in terms of cybersecurity defense is crucial for mitigating risks and protecting sensitive information.
English 
Albanian 
Serbian 
Croatian 