The FBI, CISA, and MS-ISAC released a joint advisory about the Lockbit 3.0 ransomware. Lockbit has been a persistent malware since its emergence in late 2019, with two major versions known as Lockbit 2.0 and Lock 3.0, being released in mid-22021 and June 2022, respectively. Lockbit only targets machines whose language settings do not overlap with those in a list, including Romanian (Moldova), Arabic (Syria), and Tatar (Russia). Lockbit has accumulated at least $100 million in profits, and has affected at least 1,000 victims globally, with cybersecurity firm Dragos stating that Lockbit 3.0 has been responsible for 40 out of 189 ransomware attacks against critical infrastructure in Q4 2022. Despite its widespread damages, the responsible actors suffered a major setback when the builder code for Lockbit 3.0 was released. Additionally, decryption tools are continuously being developed, with Kaspersky releasing a free decryption program for anyone who was affected by ransomware based on the Conti source code.
