True Homes USA Hit by LockBit 3.0 Ransomware
Incident Date:
May 9, 2024
Overview
Title
True Homes USA Hit by LockBit 3.0 Ransomware
Victim
True Homes USA
Attacker
Lockbit3
Location
First Reported
May 9, 2024
Ransomware Attack on True Homes USA by LockBit 3.0
Company Profile
True Homes is a semi-custom home builder based in North Carolina that serves communities throughout the Carolinas, including Charlotte, Raleigh, Greensboro, High Point, Winston-Salem, Wilmington, and Charleston. The company was founded in 2008 and is headquartered at 2649 Brekonridge Centre Dr, Monroe, NC 28110. True Homes is a limited liability company (LLC) with approximately 400 employees. The company is led by President Mr. Scott Wentz. True Homes has built over 20,000 homes and has a 93% willingness to refer rating. The company has received over 20 national awards for its home designs and value. True Homes offers personalized semi-custom homes designed for each client's lifestyle.
LockBit 3.0 Ransomware Group
The LockBit 3.0 ransomware group is an evolution of the LockBit group, operating as a Ransomware-as-a-Service (RaaS) group. LockBit 3.0, also known as LockBit Black, is the latest variant of LockBit since July 2022, introducing new features and capabilities. The group behind LockBit 3.0 actively recruits affiliates and targets a wide range of businesses and critical infrastructure organizations. LockBit 3.0 encrypts files, modifies their filenames, changes the desktop wallpaper, and drops a ransom note on the victim's desktop. The ransomware is heavily obfuscated and protected against analysis, making it difficult for security researchers to study. LockBit 3.0 has been used to target major companies globally, including Boeing and the US division of the Chinese bank ICBC.
Ransomware Attack Details
True Homes, a website based in the USA, fell victim to a cyberattack perpetrated by LockBit 3.0. The attack technique employed was ransomware, with the attackers fully publishing the leaked data. This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group that resurfaced following the disruption of its infrastructure in February during "Operation Cronos." LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's resurgence prompts scrutiny of law enforcement's effectiveness in combating cybercrime, highlighting the necessity for enhanced international cooperation to tackle such syndicates effectively.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.