Ransomware
LockBit 3.0
First seen: 2022-06 • Status: disrupted
Disrupted by Law Enforcement
LockBit 3.0 was the biggest ransomware gang until police from 11 countries took them down in 2024.
Overview
LockBit 3.0 was the most active ransomware until law enforcement action in February 2024. It introduced a bug bounty program.
Also Known As
LockBit Black
How It Spreads
- • RDP exploitation
- • Affiliates
- • Initial access brokers
What It Does
- • File encryption
- • Data theft
- • Bug bounty program
Is your business exposed?
Target Platforms
Windows, Linux, VMware ESXi, macOS
Detection Tips
- • Monitor for LockBit IOCs
- • Watch for affiliate TTPs
MITRE ATT&CK Techniques
T1486, T1567
If You're Infected
- 1.
Free decryptor may be available from law enforcement
- 2.
Contact NoMoreRansom.org
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required