>
The LockBit ransomware group, with its LockBit 3.0 encryptor, was the most prominent and malicious organization in the cybercrime community last year, according to a new report.
Trustwave’s “year in review” review claims LockBit 3.0 has maintained its status as the most notorious ransomware (opens in new tab) player due to high pay that recruits experienced malicious actors, constant purchase of new exploits, as well as a bug bounty program that offers highly paid bounties, which is reportedly a first for a ransomware group.
“With all of these programs and the continued effectiveness of the group, (LockBit) is predicted to remain the most active and effective group for the foreseeable future,” says Trustwave.
New ransomware versions
In 2022, the group also released LockBit 3.0, the latest version of their ransomware, which included a number of new features such as automatic permission elevation, disabling Windows Defender, a “safe mode” to bypass antivirus solutions, and a multi-encryption system. that reduces the chances of a third party providing a working decryptor.
As a result, the researchers claim that nearly half (44%) of all successful ransomware attacks last year were carried out using LockBit.
Other major groups wreaking havoc in the cyber world in 2022 include BlackBasta (whose researchers suspect strong ties to once leaders, Conti), Hive (whose partner model earned it the title of “most impressive ransomware operator”), and BlackCat (AKA ALPHV).
About one-tenth (9%) of all ransomware attacks reported in Q3 2022 were believed to have been carried out using Hive, with a further 6.5% on BlackCat.
Going forward, the researchers don’t think ransomware will disappear any time soon. The average cost of an attack ranged between $570,000 and $812,360 according to Cloudally’s figures, making it one of the most lucrative and thus most popular attack vectors.