Artwork

A tartalmat a Global Initiative Against Transnational Organized Crime biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Global Initiative Against Transnational Organized Crime vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
Player FM - Podcast alkalmazás
Lépjen offline állapotba az Player FM alkalmazással!

LockBit: Is this the end?

34:36
 
Megosztás
 

Manage episode 408889239 series 2738663
A tartalmat a Global Initiative Against Transnational Organized Crime biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Global Initiative Against Transnational Organized Crime vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.

LockBit, the world's largest ransomware-as-a-service (RaaS) provider suffered a very public takedown by an international law enforcement task force, Operation Cronos.

The ransomware behemoth quickly relaunched just days later. But in a world where trust is key, might the reputational damage be too great?

This is the story of the rise of LockBit, its relationship with other infamous cybercriminal groups, its uneasy relationship with some affiliates, its curious leader LockBitsupp, the public takedown and the relaunch, and what this means for the future of ransomware-as-a-service.

Speaker(s):

Koryak Uzan, Co-founder & Managing Director of PRODAFT

Links:

GITOC - The Rise and Fall of the Conti ransomware group

PRODAFT - LockBit: Behind the Lines of the Notorious RaaS

PRODAFT - The Demise of LOCKBIT: Disrupting the Most Prominent Ransomware Gang by Utilizing Upstream Threat Intelligence

https://twitter.com/PRODAFT

https://www.trendmicro.com/vinfo/gb/security/news/ransomware-by-the-numbers/lockbit-blackcat-and-clop-prevail-as-top-raas-groups-for-1h-2023

https://www.wired.com/story/lockbit-ransomware-takedown-website-nca-fbi/

https://krebsonsecurity.com/2024/02/fulton-county-security-experts-call-lockbits-bluff/

https://www.blackfog.com/the-top-10-ransomware-groups-of-2023/

https://go.recordedfuture.com/webinar/threat-briefing/lockbit-takedown

https://www.bloomberg.com/news/articles/2024-02-19/fbi-uk-crime-agency-say-they-have-disrupted-lockbit-hacking-gang?cmpid=cyber

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-returns-to-attacks-with-new-encryptors-servers/

https://www.nationalcrimeagency.gov.uk/news/nca-leads-international-investigation-targeting-worlds-most-harmful-ransomware-group

https://samples.vx-underground.org/tmp/Lockbit_Statement_2024-02-24.txt

https://therecord.media/lockbit-lied-about-deleting-exfiltrated-data-after-ransom-payments

https://www.sophos.com/en-us/content/state-of-ransomware

https://www.trendmicro.com/vinfo/gb/security/news/ransomware-spotlight/ransomware-spotlight-rhysida

https://www.theguardian.com/commentisfree/2024/feb/06/hacker-british-library-cybersecurity-cybercrime-uk

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-352a

https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-royal

https://www.reuters.com/technology/cybersecurity/blackcat-ransomware-site-claims-it-was-seized-uk-law-enforcement-denies-being-2024-03-05/

https://thehackernews.com/2024/03/exit-scam-blackcat-ransomware-group.html

https://twitter.com/ddd1ms/status/1764979901965201552

https://www.cpomagazine.com/cyber-security/under-increasing-federal-scrutiny-blackcat-ransomware-gang-pulls-exit-scam-on-its-way-out/

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/resurgence-of-blackcat-ransomware/

https://www.cpomagazine.com/cyber-security/blackcat-ransomware-gang-recovers-from-early-december-law-enforcement-operation-restores-websites-seized-by-doj/

https://www.darkreading.com/threat-intelligence/lockbit-leak-site-reemerges-week-after-complete-compromise-

https://www.linkedin.com/posts/prodaft_manual-ransomware-business-activity-7026870344648916992-mgZX/?originalSubdomain=nl

https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

https://home.treasury.gov/news/press-releases/jy2114

https://therecord.media/lockbit-affiliates-arrested-in-ukraine-poland

https://www.reuters.com/technology/cybersecurity/ukraine-arrests-father-son-duo-lockbit-cybercrime-bust-2024-02-21/

https://www.chainalysis.com/blog/lockbit-takedown-sanctions-february-2024/

https://www.europol.europa.eu/media-press/newsroom/news/law-enforcement-disrupt-worlds-biggest-ransomware-operation

https://analyst1.com/this-forum-is-a-bunch-of-communists-and-they-set-me-up-lockbit-spills-the-tea-regarding-their-recent-ban-on-russian-speaking-forums/

https://securityaffairs.com/149941/hacking/lockbit-3-leaked-code-usage.html

https://www.bankinfosecurity.com/ransomware-as-a-service-gang-lockbit-pays-first-50k-bounty-a-20099

https://therecord.media/wazawaka-cyber-most-wanted-interview-click-here

https://www.state.gov/the-department-of-state-announces-reward-offer-against-russian-ransomware-actor/

https://www.fbi.gov/wanted/cyber/mikhail-pavlovich-matveev

https://www.bleepingcomputer.com/news/security/evil-corp-switches-to-lockbit-ransomware-to-evade-sanctions/

https://resources.prodaft.com/fin7-cybercrime-gang

https://analyst1.com/ransomware-diaries-volume-1/

https://www.mimecast.com/content/darkside-ransomware/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-291a

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-goes-green-uses-new-conti-based-encryptor/

https://blog.talosintelligence.com/ransomware-affiliate-model/

https://www.csoonline.com/article/573937/with-conti-gone-lockbit-takes-lead-of-the-ransomware-threat-landscape.html

https://youtu.be/0EQenbbPSaE

https://threatpost.com/darkside-hackers-court-paying-affiliates/166393/

https://www.nytimes.com/2021/05/13/us/politics/biden-colonial-pipeline-ransomware.html

https://twitter.com/vxunderground/status/1568273779050127363?lang=en

https://twitter.com/vxunderground/status/1568981950043414530?lang=en

https://www.microsoft.com/en-us/msrc/bounty

https://bughunters.google.com/

https://www.bleepingcomputer.com/news/security/lockbit-30-introduces-the-first-ransomware-bug-bounty-program/

https://analyst1.com/lockbit-takedown-operation-cronos-a-long-awaited-psyops-against-ransomware/

https://twitter.com/vxunderground/status/1697027546452259277

https://twitter.com/NCA_UK/status/1759888184979157123

https://twitter.com/NCA_UK/status/1759873080069910955

https://twitter.com/NCA_UK/status/1759857979086499939

https://www.europol.europa.eu/media-press/newsroom/news/law-enforcement-disrupt-worlds-biggest-ransomware-operation

https://www.justice.gov/opa/pr/us-and-uk-disrupt-lockbit-ransomware-variant

https://twitter.com/NCA_UK/status/1759842879688655053

https://twitter.com/NCA_UK/status/1759906806044725514

https://therecord.media/an-interview-with-lockbit-the-risk-of-being-hacked-ourselves-is-always-present

  continue reading

44 epizódok

Artwork
iconMegosztás
 
Manage episode 408889239 series 2738663
A tartalmat a Global Initiative Against Transnational Organized Crime biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Global Initiative Against Transnational Organized Crime vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.

LockBit, the world's largest ransomware-as-a-service (RaaS) provider suffered a very public takedown by an international law enforcement task force, Operation Cronos.

The ransomware behemoth quickly relaunched just days later. But in a world where trust is key, might the reputational damage be too great?

This is the story of the rise of LockBit, its relationship with other infamous cybercriminal groups, its uneasy relationship with some affiliates, its curious leader LockBitsupp, the public takedown and the relaunch, and what this means for the future of ransomware-as-a-service.

Speaker(s):

Koryak Uzan, Co-founder & Managing Director of PRODAFT

Links:

GITOC - The Rise and Fall of the Conti ransomware group

PRODAFT - LockBit: Behind the Lines of the Notorious RaaS

PRODAFT - The Demise of LOCKBIT: Disrupting the Most Prominent Ransomware Gang by Utilizing Upstream Threat Intelligence

https://twitter.com/PRODAFT

https://www.trendmicro.com/vinfo/gb/security/news/ransomware-by-the-numbers/lockbit-blackcat-and-clop-prevail-as-top-raas-groups-for-1h-2023

https://www.wired.com/story/lockbit-ransomware-takedown-website-nca-fbi/

https://krebsonsecurity.com/2024/02/fulton-county-security-experts-call-lockbits-bluff/

https://www.blackfog.com/the-top-10-ransomware-groups-of-2023/

https://go.recordedfuture.com/webinar/threat-briefing/lockbit-takedown

https://www.bloomberg.com/news/articles/2024-02-19/fbi-uk-crime-agency-say-they-have-disrupted-lockbit-hacking-gang?cmpid=cyber

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-returns-to-attacks-with-new-encryptors-servers/

https://www.nationalcrimeagency.gov.uk/news/nca-leads-international-investigation-targeting-worlds-most-harmful-ransomware-group

https://samples.vx-underground.org/tmp/Lockbit_Statement_2024-02-24.txt

https://therecord.media/lockbit-lied-about-deleting-exfiltrated-data-after-ransom-payments

https://www.sophos.com/en-us/content/state-of-ransomware

https://www.trendmicro.com/vinfo/gb/security/news/ransomware-spotlight/ransomware-spotlight-rhysida

https://www.theguardian.com/commentisfree/2024/feb/06/hacker-british-library-cybersecurity-cybercrime-uk

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-352a

https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-royal

https://www.reuters.com/technology/cybersecurity/blackcat-ransomware-site-claims-it-was-seized-uk-law-enforcement-denies-being-2024-03-05/

https://thehackernews.com/2024/03/exit-scam-blackcat-ransomware-group.html

https://twitter.com/ddd1ms/status/1764979901965201552

https://www.cpomagazine.com/cyber-security/under-increasing-federal-scrutiny-blackcat-ransomware-gang-pulls-exit-scam-on-its-way-out/

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/resurgence-of-blackcat-ransomware/

https://www.cpomagazine.com/cyber-security/blackcat-ransomware-gang-recovers-from-early-december-law-enforcement-operation-restores-websites-seized-by-doj/

https://www.darkreading.com/threat-intelligence/lockbit-leak-site-reemerges-week-after-complete-compromise-

https://www.linkedin.com/posts/prodaft_manual-ransomware-business-activity-7026870344648916992-mgZX/?originalSubdomain=nl

https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

https://home.treasury.gov/news/press-releases/jy2114

https://therecord.media/lockbit-affiliates-arrested-in-ukraine-poland

https://www.reuters.com/technology/cybersecurity/ukraine-arrests-father-son-duo-lockbit-cybercrime-bust-2024-02-21/

https://www.chainalysis.com/blog/lockbit-takedown-sanctions-february-2024/

https://www.europol.europa.eu/media-press/newsroom/news/law-enforcement-disrupt-worlds-biggest-ransomware-operation

https://analyst1.com/this-forum-is-a-bunch-of-communists-and-they-set-me-up-lockbit-spills-the-tea-regarding-their-recent-ban-on-russian-speaking-forums/

https://securityaffairs.com/149941/hacking/lockbit-3-leaked-code-usage.html

https://www.bankinfosecurity.com/ransomware-as-a-service-gang-lockbit-pays-first-50k-bounty-a-20099

https://therecord.media/wazawaka-cyber-most-wanted-interview-click-here

https://www.state.gov/the-department-of-state-announces-reward-offer-against-russian-ransomware-actor/

https://www.fbi.gov/wanted/cyber/mikhail-pavlovich-matveev

https://www.bleepingcomputer.com/news/security/evil-corp-switches-to-lockbit-ransomware-to-evade-sanctions/

https://resources.prodaft.com/fin7-cybercrime-gang

https://analyst1.com/ransomware-diaries-volume-1/

https://www.mimecast.com/content/darkside-ransomware/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-291a

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-goes-green-uses-new-conti-based-encryptor/

https://blog.talosintelligence.com/ransomware-affiliate-model/

https://www.csoonline.com/article/573937/with-conti-gone-lockbit-takes-lead-of-the-ransomware-threat-landscape.html

https://youtu.be/0EQenbbPSaE

https://threatpost.com/darkside-hackers-court-paying-affiliates/166393/

https://www.nytimes.com/2021/05/13/us/politics/biden-colonial-pipeline-ransomware.html

https://twitter.com/vxunderground/status/1568273779050127363?lang=en

https://twitter.com/vxunderground/status/1568981950043414530?lang=en

https://www.microsoft.com/en-us/msrc/bounty

https://bughunters.google.com/

https://www.bleepingcomputer.com/news/security/lockbit-30-introduces-the-first-ransomware-bug-bounty-program/

https://analyst1.com/lockbit-takedown-operation-cronos-a-long-awaited-psyops-against-ransomware/

https://twitter.com/vxunderground/status/1697027546452259277

https://twitter.com/NCA_UK/status/1759888184979157123

https://twitter.com/NCA_UK/status/1759873080069910955

https://twitter.com/NCA_UK/status/1759857979086499939

https://www.europol.europa.eu/media-press/newsroom/news/law-enforcement-disrupt-worlds-biggest-ransomware-operation

https://www.justice.gov/opa/pr/us-and-uk-disrupt-lockbit-ransomware-variant

https://twitter.com/NCA_UK/status/1759842879688655053

https://twitter.com/NCA_UK/status/1759906806044725514

https://therecord.media/an-interview-with-lockbit-the-risk-of-being-hacked-ourselves-is-always-present

  continue reading

44 epizódok

Minden epizód

×
 
Loading …

Üdvözlünk a Player FM-nél!

A Player FM lejátszó az internetet böngészi a kiváló minőségű podcastok után, hogy ön élvezhesse azokat. Ez a legjobb podcast-alkalmazás, Androidon, iPhone-on és a weben is működik. Jelentkezzen be az feliratkozások szinkronizálásához az eszközök között.

 

Gyors referencia kézikönyv