|
gptkbp:instanceOf
|
malware
|
|
gptkbp:acceptsPaymentMethod
|
gptkb:Bitcoin
gptkb:cryptocurrency
gptkb:Monero
|
|
gptkbp:affiliatedWith
|
cybercriminals worldwide
|
|
gptkbp:associatedWith
|
cybercrime
ransomware attacks
data breaches
|
|
gptkbp:countryOfOrigin
|
unknown
|
|
gptkbp:firstAppearance
|
September 2019
|
|
gptkbp:hasWebsite
|
dark web leak site
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
LockBit ransomware
|
|
gptkbp:language
|
gptkb:Chinese
gptkb:Russian
English
|
|
gptkbp:lawEnforcementResponse
|
FBI takedown (2024)
Operation Cronos
|
|
gptkbp:notableBattle
|
Accenture (2021)
Bangkok Airways (2021)
Canadian SickKids Hospital (2022)
City of Oakland (2023)
Royal Mail (2023)
|
|
gptkbp:notableVariant
|
gptkb:LockBit_2.0
gptkb:LockBit_3.0
gptkb:LockBit_Black
gptkb:LockBit_Green
LockBit Red
|
|
gptkbp:operatedBy
|
LockBit gang
|
|
gptkbp:operatingSystem
|
gptkb:Windows
gptkb:Linux
|
|
gptkbp:prohibits
|
gptkb:Armenia
gptkb:Belarus
gptkb:Kazakhstan
gptkb:Kyrgyzstan
gptkb:Moldova
gptkb:Russia
gptkb:Tajikistan
gptkb:Turkmenistan
gptkb:Ukraine
gptkb:Uzbekistan
gptkb:CIS_countries
|
|
gptkbp:ransomModel
|
gptkb:Ransomware-as-a-Service
|
|
gptkbp:ransomNoteExtension
|
.abcd
.lockbit
.lockbit2
.lockbit3
|
|
gptkbp:spreadTo
|
malicious email attachments
malvertising
drive-by downloads
compromised credentials
exploiting unpatched software
|
|
gptkbp:status
|
active (as of 2024)
|
|
gptkbp:supportsAlgorithm
|
gptkb:Elliptic_Curve_Cryptography
gptkb:RSA
gptkb:AES
hybrid encryption
|
|
gptkbp:target
|
businesses
healthcare organizations
government organizations
critical infrastructure
|
|
gptkbp:technique
|
phishing
data exfiltration
exploiting vulnerabilities
double extortion
remote desktop protocol brute force
automatic propagation
|
|
gptkbp:usesMalware
|
crypto-ransomware
|
|
gptkbp:bfsParent
|
gptkb:Conti_ransomware
|
|
gptkbp:bfsLayer
|
7
|