LockBit is a cybercriminal group proposing ransomware as a service (RaaS). Software developed by the group (also called ransomware) enables malicious actors who are willing to pay for using it to carry out attacks in two tactics where they not only encrypt the victim's data and demand payment of a ransom, but also threaten to leak it publicly if their demands are not met.
via Wikipedia infobox
via Wikidata · CC0
LockBit is a cybercriminal group proposing ransomware as a service (RaaS). Software developed by the group (also called ransomware) enables malicious actors who are willing to pay for using it to carry out attacks in two tactics where they not only encrypt the victim's data and demand payment of a ransom, but also threaten to leak it publicly if their demands are not met.
LockBit operates using an affiliate-based ransomware-as-a-service (RaaS) model in which core developers maintain the malware, payment infrastructure and data leak sites, while affiliates are responsible for gaining initial access to victim networks and conducting lateral movement and data exfiltration. This division of roles enables scalable operations and has contributed to the group’s high incident volume across multiple sectors. Observed intrusion methods include the use of compromised credentials, exploitation of public-facing services and initial access brokers.
Discovered by embedding cosine similarity (sentence-transformers MiniLM, 384-dim).