LockBit’s dirty little secret: ransomware gang is failing to publish victims’ data

Summary:

• LockBit is a ransomware-as-a-service (RaaS) group that has been active since 2019.
• The group is known for its aggressive tactics, including threatening to publish stolen data if victims do not pay the ransom.
• However, a new report by Jon DiMaggio of Analyst1 claims that LockBit is having trouble publishing stolen data due to limitations in its backend infrastructure and available bandwidth.
• DiMaggio says that LockBit has recently updated its infrastructure, but this is a gimmick to make it appear that the problem has been fixed.
• As a result of these issues, LockBit's reputation has been tarnished and some of its top affiliates have left for other ransomware groups.
• It remains to be seen whether LockBit can address its infrastructure issues and regain its former prominence.

Additional details:

• The group's attacks have targeted a wide range of victims, including businesses, government agencies, and healthcare organizations.
• LockBit typically demands a ransom of several million dollars in exchange for not publishing stolen data.
• The group has a reputation for being very aggressive and has been known to follow through on its threats to publish stolen data.