LockBit 3.0 Ransomware Attack on IRC.be

Ransomware Attack Overview

The Belgian website IRC.be fell victim to a cyberattack by the LockBit 3.0 ransomware group. LockBit 3.0 is a form of malware used by cybercriminals to encrypt data and demand payment for its release.

Victim Profile

IRC.be, a Belgian company operating in the Software sector, offers a range of software services to streamline business processes through their own developed business tools. They focus on providing enterprise solutions, industry solutions, cloud computing, and high-speed internet services

Ransomware Group Profile

The LockBit 3.0 ransomware group, an evolution of the LockBit group, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates since January 2020. LockBit 3.0, also known as LockBit Black, is the latest variant of LockBit, introducing new features and capabilities. The group targets a wide range of businesses and critical infrastructure organizations, expanding its attack volume across various devices and operating systems.

Company Vulnerabilities

IRC.be, being a provider of software solutions, may have been targeted by threat actors due to the sensitive nature of the data they handle for their clients. Their focus on enterprise solutions and industry-specific tools could have made them an attractive target for cybercriminals seeking to disrupt business operations and extort money.

LockBit May Attacks

This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group that resurfaced following the disruption of its infrastructure during "Operation Cronos." Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. These assaults spanned various sectors and countries, showcasing LockBit's global reach and adaptability.

Sources:

• IRC.be
• Peppol Certified Service Providers
• VMware Blog
• SentinelOne
• Trend Micro