New ransomware variant strikes with sophisticated malware attack

The customized ransomware was particularly malicious, disabling Windows Defender, encrypting network shares, and erasing Windows Event Logs to conceal its activities.
ETCISO Desk
  • Updated On Apr 17, 2024 at 10:39 AM IST

A sophisticated cyberattack has hit an organization in West Africa, employing a new variant of the notorious LockBit 3.0 ransomware. Kaspersky's incident response team reported that the malware was spread by attackers impersonating an administrator, allowing them to infect multiple hosts and delve deep into the network infrastructure.

The customized ransomware was particularly malicious, disabling Windows Defender, encrypting network shares, and erasing Windows Event Logs to conceal its activities. It also targeted specific document and spreadsheet files, indicating a high level of customization and targeting precision. "The leaked privileged credentials used in this attack gave the perpetrators full control over the victim's infrastructure and helped hide their tracks," explained Cristian Souza, a Kaspersky incident response specialist.

This attack marks the first such incident in West Africa involving this LockBit variant, although Kaspersky has observed its use in other regions. The popularity of LockBit 3.0 among cybercriminals surged after its builder was leaked in 2022, enabling them to craft customized attacks without advanced programming skills. According to Trend Micro, LockBit was responsible for a quarter of all ransomware incidents in 2023.

Despite efforts by international law enforcement to dismantle the LockBit group, the group claimed a swift recovery and resumed operations shortly after a takedown attempt by the Cronos Group in February 2024.

  • Published On Apr 17, 2024 at 10:39 AM IST