Project Hyphae
Search

FBI Issues APB: Lockbit 2.0

Share This Post

FBI Issues warning to be on the lookout for Lockbit 2.0 IoCs

The FBI has issued a flash report detailing Lockbit 2.0 Ransomware-as-a-Service tactics along with a growing list of Indicators of Compromise. The threat actors utilize multiple avenues to gain access to the victim’s network, then deploy tools to elevate privileges, exfiltrate the victim’s data, and execute the LockBit encryption malware. The attack is followed up with demands to pay the ransom or have the stolen data published on the internet.

Lockbit 2.0 is now upgraded to utilize Active Directory group policy to auto-encrypt domain connected devices, as well as abuse vulnerabilities in VMWare ESXi virtual machines.

FBI Flash Report: https://www.ic3.gov/Media/News/2022/220204.pdf



Reach out to our incident response team for help

More To Explore

Information Security News – 4/14/2025

Oracle Confirms “Obsolete Servers” Hacked Article link: https://www.bleepingcomputer.com/news/security/oracle-says-obsolete-servers-hacked-denies-cloud-breach/    Phishing Kits Now Vet Victims in Real-Time Before Stealing Credentials Article link: https://www.bleepingcomputer.com/news/security/phishing-kits-now-vet-victims-in-real-time-before-stealing-credentials/    Neptune RAT

Marcus Cylar April 14, 2025

Information Security News – 4/7/2025

Criminal Group Claims Responsibility for Cyberattack on Minnesota Casino Article Link: https://cdcgaming.com/brief/cybersecurity-incident-at-minnesota-tribal-community-casino-prompts-shutdown/ As CISA Downsizes, Where Can Enterprises Get Support? Article Link: https://www.darkreading.com/cybersecurity-operations/roundtable-cisa-downsizes-where-can-enterprises-look-support Oracle Privately

Jo Moldenhauer April 7, 2025

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.