Gemini Advisory reports:
Gemini Advisory’s analysts uncovered a September 14, 2020 post on a Russian-language dark web forum by a cybercriminal group operating under the moniker “LockBit,” in which they advertised starting their own blog under the same name. LockBit is a Russian-language ransomware team, alongside “REvil”/”Sodinokibi” and “Maze,” that advertises its services on Russian-language dark web forums. Gemini has written a report, Ransomware – The New Cost of Business, that describes how ransomware teams are formed, their structure, and their operations. Additionally, the report describes the Ransomware-as-a-Service (RaaS) model, which these teams often adopt. Well-established ransomware teams use dark web forum platforms and their own blogs to intimidate victims into paying the ransom after an attack. This entry into the “big leagues” by LockBit was accompanied by a blog post with two databases from their victims: Yaskawa Electric Corporation and Overseas Express Shipping Company.
Read more on Gemini Advisory.