LockBit and FBI drama continues as the ransomware group resurfaces online after a takedown by law enforcement agents. The group didn’t only resurface online but also created a new .onion address for displaying their victim’s information. LockBit’s administrator acknowledged they lost some of their websites to law enforcement agents due to negligence regarding their PHP update. The group also claimed the clampdown by the FBI resulted from their January attack on Fulton County.
LockBit ransomware group has listed new victims on their website. The victims include
AeroMech Incorporated: The aviation company has over 200 employees and a $9.2 million revenue. AeroMech specializes in Aircraft engineering and certification services, STC, ODA, PMA, RVSM, CFD, RVSM Flight Testing, RVSM Certification, CAD/CAM, Aircraft Modification, Aircraft Engineering Design Services, TSOA, TSO, Aircraft Systems and Equipment, STC ODA, Aircraft Engineering and Flight Test, Aircraft Certification, Wifi, Satellite-Based Wifi Entertainment Systems, Wifi Entertainment Systems, and Antenna Installation.
Silgan Holdings: The company prides itself on being one of the leading global sustainable packaging providers for consumer goods products to many of the world’s best-known consumer products companies. Silgan has over 10000 employees and revenue of $6.1 billion.
Ernest Health: The healthcare company specializes in providing medical and rehabilitative services to patients through rehabilitation and long-term acute care hospitals. The company has over 5000 employees and a revenue of $188.2 million.
Latin America and Europe become the new targets of banking trojans. Cybersecurity researchers have warned about threat actors leveraging and weaponizing Google Cloud Run services to cause a spike in email phishing campaigns to deliver banking trojans like Astaroth, Mekotio, and Ousaban.
An ongoing click monetization and spam proliferation by ResurrecAds has hijacked over 8000 domains and 13000 subdomains owned by legitimate brands and institutions. According to one of the reports about the incident, “ResurrecAds’ manages an extensive infrastructure encompassing a wide array of hosts, SMTP servers, IP addresses, and even private residential ISP connections, alongside many additional owned domain names.” The campaign leverages people’s trust for the domains to circulate phishing emails and spam.
Professional Liability Fund has suffered an attack by the Medusa ransomware group. The company specializes in Primary Professional Liability Coverage, Excess Professional Liability Coverage, Claims Defense, Repair, Practice Management, Loss Prevention, and Personal Assistance through the Oregon Attorney Assistance Program and CLE. Professional Liability Fund has over 50 employees and $13.9 million in revenue.