LockBit 3.0 Ransomware Attack on Ayuntamiento de Torre Pacheco

Incident Date:

May 9, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on Ayuntamiento de Torre Pacheco

Victim

Ayuntamiento de Torre Pacheco

Attacker

Lockbit3

Location

Torre Pacheco, Spain

, Spain

First Reported

May 9, 2024

Ransomware Attack on Ayuntamiento de Torre Pacheco by LockBit 3.0

Victim Profile

The Ayuntamiento de Torre Pacheco is the local administration of the municipality of Torre Pacheco in the Region of Murcia, Spain. They operate in the Government sector and their official website is torrepacheco.es. The town council provides information about local news, events, services, and resources for residents and visitors. They also use the website as a platform for local government announcements and communication with the community.

The Town Council of Torre Pacheco operates from Murcia, Spain. They recently announced the launch of three employment projects subsidized by the Employment and Training Service (SEF), demonstrating their commitment to supporting local employment initiatives.

Ransomware Attack Details

The cyberattack on the Ayuntamiento de Torre Pacheco was carried out by LockBit 3.0, utilizing ransomware to encrypt files or systems and demand payment for decryption. The impact or outcome of the attack has not been disclosed, but the use of LockBit 3.0 indicates a sophisticated and dangerous threat to the organization.

Company Vulnerabilities

The Ayuntamiento de Torre Pacheco, being a local government entity, may have vulnerabilities in their cybersecurity defenses due to the sensitive nature of the information they handle. The town hall, being a local government entity, may have vulnerabilities in its cybersecurity defenses due to the nature of its operations. Government organizations are often targeted by threat actors due to the sensitive information they handle and the potential impact of disrupting their services

Ransomware Group Profile

The LockBit 3.0 ransomware group is an evolution of the LockBit group, known for its Ransomware-as-a-Service (RaaS) model. LockBit 3.0, also referred to as LockBit Black, is the latest variant of the ransomware, introducing new features and capabilities. The group actively recruits affiliates and targets a wide range of businesses and critical infrastructure organizations, making it a significant threat in the cybersecurity landscape.

Ransomware Penetration

LockBit 3.0 distinguishes itself by its advanced encryption techniques, obfuscation methods, and the ability to move laterally through a network to cover its tracks. The ransomware group's affiliate-based approach allows for widespread attacks on various devices and operating systems, making it challenging for security researchers to analyze and defend against.

LockBit May Attacks

This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group that resurfaced with vigor following the disruption of its infrastructure in February during "Operation Cronos." Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform, with subsequent attacks adding to the tally. These assaults spanned various sectors and countries, showcasing LockBit's global reach and adaptability.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.