LockBit attacks Entrust

The Lockbit ransomware gang has attacked Entrust. Entrust reportedly began informing customers in early June 2022 that it had suffered a cyberattack in which data was stolen from internal systems. "We have determined that some files were taken from our internal systems," Entrust said in a security notification. While the cybersecurity vendor has not shared any details regarding the attack, the LockBit ransomware gang claimed responsibility, posting Entrust's details and leaking a sample of stolen data on its data leak site. However, soon after LockBit began leaking data, its data leak site went offline, with the ransomware gang claiming it was suffering a DDoS attack. LockBit has been active since 2019 and is enabled with security tool evasion capabilities and an extremely fast encryption speed. LockBit is noted for using a triple extortion model where the victim may also be asked to purchase their sensitive information in addition to paying the ransom demand for decrypting systems. ‍ The group continues to improve its attack platform and introduced LockBit 3.0 in June of 2022, which bore some similarities to the BlackMatter ransomware. The latest version incorporates advanced anti-analysis features and is a threat to both Windows and Linux systems. LockBit employs a Base64-encoded hash and an RSA public key in its configuration and hashes it with MD5. LockBit also created its own bug bounty program.