lockbit2 attacks tingtong

Incident Date:

March 11, 2022

World map



lockbit2 attacks tingtong






Pot v Bitnje, Slovenia

Kranj, Slovenia

First Reported

March 11, 2022

Tingtong: A Media & Internet Company Targeted by Lockbit2 Ransomware

Tingtong, a company operating in the Media & Internet sector, has been targeted by the Lockbit2 ransomware group. The attack was announced on the group's dark web leak site, and the victim's website is currently unavailable. Although the company's size and specific vulnerabilities are not explicitly mentioned, the attack on Tingtong underscores the persistent threat of ransomware to businesses across various industries.

About Tingtong

Tingtong is a company that operates in the Media & Internet sector. Specific details about its size, unique features, or market position are not readily available. The company's website is currently inaccessible, suggesting that the ransomware attack has impacted its online presence.

Lockbit2 Ransomware

Lockbit2, active in the cybercrime ecosystem since 2019, rebranded to Lockbit2.0 in 2021, enhancing its capabilities with features such as self-propagation, removal of shadow copies, and bypassing User Account Control (UAC). Known for its rapid encryption process, Lockbit2 employs a multithreaded approach and partially encrypts files to expedite its attacks. The group has executed several high-profile attacks, targeting entities like Accenture among others.

Vulnerabilities and Mitigation

The precise vulnerabilities exploited in the attack on Tingtong remain unspecified. Nonetheless, ransomware attacks frequently leverage software flaws, outdated systems, or human errors, including phishing schemes or inadequate passwords. To counteract ransomware threats, organizations are advised to consistently update their software, enforce robust password policies, and conduct cybersecurity awareness training for their workforce.

The incident involving Tingtong and Lockbit2 serves as a stark reminder of the ransomware menace facing the Media & Internet sector. Although the exact vulnerabilities exploited in this instance are not detailed, businesses can adopt preventative measures such as software updates, strong password practices, and employee cybersecurity training to mitigate ransomware risks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.