LockBit 3.0 Ransomware Attack on IRC.be: A Cybersecurity Overview
Incident Date:
May 7, 2024
Overview
Title
LockBit 3.0 Ransomware Attack on IRC.be: A Cybersecurity Overview
Victim
IRC.be
Attacker
Lockbit3
Location
First Reported
May 7, 2024
LockBit 3.0 Ransomware Attack on IRC.be
Ransomware Attack Overview
The Belgian website IRC.be fell victim to a cyberattack by the LockBit 3.0 ransomware group. LockBit 3.0 is a form of malware used by cybercriminals to encrypt data and demand payment for its release.
Victim Profile
IRC.be, a Belgian company operating in the Software sector, offers a range of software services to streamline business processes through their own developed business tools. They focus on providing enterprise solutions, industry solutions, cloud computing, and high-speed internet services
Ransomware Group Profile
The LockBit 3.0 ransomware group, an evolution of the LockBit group, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates since January 2020. LockBit 3.0, also known as LockBit Black, is the latest variant of LockBit, introducing new features and capabilities. The group targets a wide range of businesses and critical infrastructure organizations, expanding its attack volume across various devices and operating systems.
Company Vulnerabilities
IRC.be, being a provider of software solutions, may have been targeted by threat actors due to the sensitive nature of the data they handle for their clients. Their focus on enterprise solutions and industry-specific tools could have made them an attractive target for cybercriminals seeking to disrupt business operations and extort money.
LockBit May Attacks
This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group that resurfaced following the disruption of its infrastructure during "Operation Cronos." Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. These assaults spanned various sectors and countries, showcasing LockBit's global reach and adaptability.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.