Triple extortion techniques are on the cards for the LockBit ransomware group, which has been seeking to bolster its defenses following a distributed denial-of-service attack allegedly conducted on behalf of digital security firm Entrust, which LockBit had hacked in June, reports BleepingComputer.
While leaks of data belonging to Entrust have been temporarily halted by the DDoS attack, LockBit's public-facing figure LockBitSupp said that the operation has reemerged with a larger and more robust infrastructure and now includes DDoS in its extortion arsenal, which previously included only data encryption and leaks. "I am looking for dudosers [DDoSers] in the team, most likely now we will attack targets and provide triple extortion, encryption + date leak + dudos, because I have felt the power of dudos and how it invigorates and makes life more interesting," wrote LockBitSupp in a forum post. LockBitSupp added that the ransomware operation has already begun implementing unique links in victims' ransom notes in an effort to avert potential DDoS attacks, while more mirrors and duplicate servers, as well as increased availability of stolen data, are also being planned.
TechCrunch reports that U.S. conservative think tank The Heritage Foundation was working on addressing a cyberattack against its systems last week, but an investigation into whether any of its data was compromised is still underway.
Nexperia had some of its servers confirmed to be compromised in a cyberattack last month following a report from Dutch broadcast firm RTL detailing attackers' claims of having exfiltrated hundreds of gigabytes of data from the Chinese-owned Dutch semiconductor manufacturer, according to Cybernews.
Iranian state-backed threat operation MuddyWater, also known as TA450, Mango Sandstorm, and Boggy Sandstorm, has leveraged the novel DarkBeatC2 command-and-control infrastructure tool as part of its latest attack campaign, The Hacker News reports.