Blog | G5 Cyber Security

LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains

A new variant of LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. The LockBit ransomware first appeared in the threat landscape in September 2019, the author of the malware improved it over the years implementing new features and providing supports to their affiliates. LockBit operators set up their own leak site promoting the latest variant and advertising the LockBit2.0 affiliate program. The leak site provides a list of features implemented in the new variant, one of the most interesting is the capability to use group policy update to encrypt a Windows domain.”]

Source: https://securityaffairs.co/wordpress/120664/cyber-crime/lockbit-2-0-ransomware-group-policies.html

Exit mobile version