LockBit claims seven new victims in ransomware spree

Ransomware gang LockBit has added seven new alleged victims to its dark web portal, including a UK fencing manufacturer. The new breaches continue a busy month for the Russian cybercriminal gang, which last week posted a batch of 15 victims to its blog.

All of the organisations have been given 16 days or under to corporate with ransom negotiations or they risk their data being leaked onto the dark web.

Seven victims claimed in LockBit ransomware spree

The group of organisations posted by LockBit hail from all over the world. They include UK-based Zaun, which manufactures metal fences, the DIFC courts with Dubai, which deal with business and some civil disputes, and two law firms: Bangkok-based Siam Premier, and Sweden’s Luterkort, which claims to be Malmo’s oldest active legal business.

LockBit #ransomware group has added 8 victims to their #darkweb portal:

– Zaun Limited🇬🇧
– Roxcel Trading 🇦🇹
– St Mary's School 🇿🇦
– MEAF Machines 🇦🇹
– Max Rappenglitz 🇩🇪
– Siam Premier 🇹🇭
– Luterkort Advokatbyrå 🇸🇪
– Majan 🇦🇪
– DIFC Courts 🇦🇪#DeepWeb #CybeRisk #CTI pic.twitter.com/5ImQbAJMr1
— FalconFeeds.io (@FalconFeedsio) August 13, 2023

The type of data LockBit claims to have stolen, or details of the ransoms demanded, are not detailed on the blog. Tech Monitor has reached out to the companies for comment, but none have responded at the time of writing.

LockBit ransomware gang gets prolific

The news of these new apparent victims comes less than a week after the gang added 15 organisations to its leak site, including the Californian city of El Cerrito, home to 25,000 residents, and a healthcare firm in the same US state called Varian, which specialises in oncology treatment. The gang has threatened to release medical data of cancer patients onto the dark web should the company refuse to pay a ransom.

Last month, LockBit attacked 10 victims in five days, including Japan’s largest trading port Nagoya, shutting it down completely and affecting the transportation of goods made by companies including automotive giant Toyota.

The cybercrime group amassed 39% of the ransomware victims worldwide from October 2022-May 2023, according to a report released by Akamai. Within those seven months, LockBit successfully attacked 1,091 organisations.

The gang’s success could be due to its innovation, the report suggests, as it continues to introduce novel techniques such as a bug bounty program, with cash rewards on offer for finding vulnerabilities in its code, or the use of Zcash, a privacy-focused cryptocurrency.

“Affiliates that work with LockBit and other notable variants are constantly revising the tactics, techniques and procedures used for deploying and executing ransomware,” a report about the gang by US government’s Cybersecurity and Infrastructure Security Agency (CISA) says.