Skip to content

LockBit leverages botnets to send 9 million emails for ransom.

# New Jersey Cybersecurity Cell Warns of LockBit Black Ransomware Campaign

The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) recently issued a warning about the LockBit ransomware group’s latest tactics. Known as the LockBit Black Ransomware Campaign, this operation utilizes the Phorpiex Botnet to launch a massive phishing email onslaught. The Phorpiex Botnet has been active since April 2024, sending around 9 million emails with ZIP file attachments containing malicious payloads.

## LockBit 3.0 Botnet Utilized in Malicious Campaign

The attack method is simple: use the LockBit 3.0 version botnet to distribute malware. Once the recipient clicks on the attachment, a binary file is downloaded. Security researchers, such as Proofpoint, have analyzed the phishing emails associated with this campaign. They have noted various subject lines like “Your document,” “Photo of You,” and sender names such as Jenny Brown and Jenny Green. These emails come from over 1500 different addresses worldwide, covering regions like China, Russia, Iran, Uzbekistan, and Kazakhstan.

## Importance of Proactive Measures Emphasized

To effectively combat such threats, experts stress the need for proactive measures. NJCCIC recommends raising awareness among employees about common threats like phishing emails. Employees should be cautious when dealing with emails from unknown sources, as they often contain links to ransomware-related payloads. Despite law enforcement interventions and infrastructure seizures, the LockBit cybercriminal group continues to carry out profitable malicious campaigns. Implementing email filtering tools can help reduce the spread of spam and enhance defense mechanisms.

## Salfetka Group Announces Sale of INC Ransom Source Code

In a related development, the cybercrime group Salfetka, responsible for breaches targeting prominent organizations like Yamaha Motors, Xerox Business, and Scotland’s National Health Services, has revealed plans to sell the source code of INC Ransom for $300,000. This event highlights the evolving landscape of cyber threats and the profitable nature of ransomware operations.

### Key Points:
– LockBit Black Ransomware Campaign utilizes the Phorpiex Botnet for phishing attacks.
– Employees should be cautious of emails from unknown sources to prevent falling victim to ransomware.
– Implementing email filtering tools can enhance defense against spam and malware.
– Salfetka group announces the sale of INC Ransom source code for $300,000.
– Cyber threats continue to evolve, emphasizing the need for proactive cybersecurity measures.

In summary, the NJCCIC’s warning about the LockBit Black Ransomware Campaign underscores the persistent threat posed by cybercriminals. By staying vigilant, raising awareness among employees, and implementing robust security measures, organizations can better protect themselves against malicious attacks. The sale of ransomware source codes further highlights the lucrative nature of cybercrime, urging businesses to prioritize cybersecurity efforts.

Leave a Reply

Your email address will not be published. Required fields are marked *