How did LockBit Get So Popular in the Cybercrime World?

Diving into details

• LockBit is one of the most prominent RaaS operations, which has constantly evolved since its emergence in 2019.
• Its operators sell the program to affiliates who get a cut of 75% of the ransom paid by the victims.
• The group engages in double extortion, similar to most ransomware groups today.

LockBit 2.0

• The gang began gaining momentum in the second half of 2021 by launching LockBit 2.0. 
• During Q1 2022, this variant was the most widely deployed and impactful in all the ransomware breaches observed. 
• Its data leak site listed 850 victims, however, the gang claimed to have breached more than 12,000 victims so far.

LockBit 3.0

• With this latest version, the RaaS launched the first-ever ransomware bug bounty program. 
• LockBit 3.0 urged researchers to submit bug bounty reports for rewards ranging from $1,000 to $1 million. 
• It has, furthermore, introduced new extortion tactics and accepts Zcash as payment.

Some stats your way

• In Q1 2022, LockBit accounted for 40% of ransomware attacks against the financial sector.
• After replacing Conti as the most active gang, LockBit disclosed 226 victims on its leak site in the period. 
• In 2021, LockBit breached 58 critical infrastructure organization networks - stated the FBI. It mainly focused on financial services, healthcare and public health, and government sectors.

The bottom line