LockBit’s latest ransomware is now automating its encryption of a Windows domain using Active Directory group policies.
LockBit typically ransoms victims for $85,000 and recently made news when they hit the UK’s Merseyrail. LockBit generously shares 70-80% of ransom payments with their recruited affiliates.
In a recent announcement, the group released a new features list that included the ability to easily and automatically disable Microsoft Defender then execute ransomware on an entire network. The group is also borrowing Egregor’s “print bomb” trick that continually prints ransom notes from all networked printers.
While ransomware gangs are always adding new tools to their arsenal, these behaviors are easily stopped. Acronis Cyber Protect’s Active Protection recognizes these malicious behaviors and stops them.
#LockBit #ransomware #Egregor #printbomb #Acronis #CyberFit #CyberProtection #AcronisCyberProtectCloud #CyberSecurityNews #CPOCNews #CPOC #CyberSecurity #CyberProtect
Don’t get caught unaware. Stay up-to-date on what’s happening in the cyber protection world. Subscribe for more news from our Cyber Protection Operation’s Center.
Learn more about #CyberProtection: