LockBit 3.0 Ransomware Attack on DS Global Technology

Incident Date:

May 9, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on DS Global Technology

Victim

DS Global Technology

Attacker

Lockbit3

Location

Singapore, Singapore

, Singapore

First Reported

May 9, 2024

Ransomware Attack on DS Global Technology by LockBit 3.0

Company Profile

DS Global Technology is a technology company operating in the Software sector. They offer services including software development, web development, mobile app development, digital marketing, and IT consulting. The company works closely with clients to provide custom solutions tailored to their specific needs and business goals. DS Global Technology is a relatively small-sized company with a team of professionals. It stands out in the industry for its diverse range of services and personalized approach to client solutions. The company's commitment to meeting client needs and achieving business objectives makes them a trusted partner in the technology sector.

Vulnerabilities

DS Global Technology may have been targeted by Lockbit due to the sensitive data they handle. As a technology company, their systems may have vulnerabilities that cybercriminals exploit to gain unauthorized access and exfiltrate data.

LockBit 3.0 Ransomware Group

LockBit 3.0, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that evolved from the original LockBit group. This ransomware variant is considered one of the most dangerous and disruptive threats currently active. It encrypts files, modifies filenames, changes desktop wallpapers, and drops ransom notes on victims' desktops. LockBit 3.0 is known for its advanced capabilities, including lateral movement through networks and covering its tracks to evade detection.

LockBit May Attacks

This ransomware attack on DS Global Technology is part of the May 2024 attacks by LockBit 3.0. Following the disruption of its infrastructure in February during "Operation Cronos," LockBit resurfaced with increased activity, targeting over 50 victims within hours of reactivating its platform. The group's ability to regroup and strike back efficiently highlights the need for enhanced international cooperation and proactive cybersecurity measures to combat cybercrime effectively.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.