Tag Archive for: rebranding

LockBit copycat DarkVault spurs rebranding rumor

/in


DarkVault, a new ransomware group with a website resembling LockBit’s, may be the latest in a string of copycats mimicking the notorious ransomware-as-a-service (RaaS) gang.  

Security researcher Dominic Alvieri called attention to a redesign of DarkVault’s website on Wednesday. Alvieri’s post on X included a screenshot of a new homepage sporting LockBit’s distinctive style, including a red and white color scheme and similar page headings.

LockBit’s logo was also found on the DarkVault blog. The group’s older website features an image of a black cat lying on a vault, potentially a reference to another ransomware gang, ALPHV/BlackCat.

Cybernews reported that DarkVault may be an attempt by LockBit to rebrand, but Alvieri later clarified that the intention of his post was to make fun of the “copycats.”

DarkVault had posted nine alleged victims on its LockBit imitation site as of Thursday, according to Dark Web Informer, which previously discovered the older DarkVault website with no victims listed on March 29.

LockBit imposters leverage leaked 2022 RaaS builder

DarkVault would not be the first cybercrime group to imitate LockBit, with several using LockBit’s name, branding and leaked ransomware builder in their own attacks.

Trellix noted this trend in a blog published Thursday, which also described the partial revival of the original LockBit since its infrastructure was disrupted by law enforcement in February.  

The builder for the LockBit 3.0 ransomware, also known as LockBit Black, was leaked by one of the gang’s own developers in 2022 – since then, many threat actors have used the builder in their own attacks.

Some use the code as-is with minimal changes, such as the addition of their own version of the ransom note, while others have used the builder as a foundation for new ransomware strains, the researchers from Trellix’s Advanced Research Center wrote.

Dragonforce and Werewolves are two ransomware groups that emerged in 2023 using LockBit Black in their attacks. Dragonforce was found to be using the LockBit code as-is last September, with the exception of the ransom note, while Werewolves is believed to potentially have LockBit affiliates on its team due to…

Source…

Ransomware attacks decrease, operators started rebranding

/in


Positive Technologies experts have analyzed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks. However, there’s been an increase in the share of attacks against individuals, and also a rise in attacks involving remote access malware.

ransomware attacks decrease

The number of attacks in Q3 decreased by 4.8% compared to the previous quarter—the first time since the end of 2018 that Positive Technologies has recorded a negative trend. The researchers believe one key reason for the change is the decrease in ransomware attacks and the fact that some major players have quit the stage. This is also why the share of attacks aimed at compromising corporate computers, servers, and network equipment has fallen, from 87% to 75%.

“This year we saw the peak of ransomware attacks in April when 120 attacks were recorded. There were 45 attacks in September, down 63% from the peak in April. The reason is that several large ransomware gangs stopped their operation, and law enforcement agencies started paying more attention to the problem of ransomware attacks (due to recent high-profile attacks),” said Ekaterina Kilyusheva, Head of Research and Analytics, Positive Technologies.

Researchers also noted a trend toward the rebranding of existing ransomware gangs: Some operators are rethinking their preference for the Ransomware as a Service (RaaS) scheme, which carries certain risks from unreliable partners.

Kilyusheva explains: In Q2, we predicted that one of the possible scenarios of ransomware transformation would be that groups abandon the RaaS model in its current form. It is much safer for ransomware operators to hire people who will deliver malware and search for vulnerabilities as permanent ‘employees.’ It will be safer for both parties, as more organized and efficient all-in-one forms of cooperation can be created. In Q3, we saw the first steps in this direction. An additional boost for this transformation is the development of the market of initial access.”

The research shows that although the share of malware attacks on organizations decreased by 22%, the attackers’ appetite for data also led to an increase in the use of remote access trojans. In…

Source…

SnapAV rebranding as Snap One

/in


SnapAV, distributor of a multitude of security, A/V, and networking products and the owner of smart home tech maker Control4, announced on Tuesday that it is rebranding as Snap One.

In a briefing with members of the media ahead of the announcement, Kordon Vaughn, VP of Marketing for Snap One, said that given the evolution of the industry and company itself, the name SnapAV just did not fit anymore.

“We’ve been kicking this around, thinking about this for quite a while and we said, ‘ok, what are our priorities? What are our goals?’ All of these things boiled down to these two thoughts: the first is we want our name to reflect who we are and embrace our aspirations for the future,” Vaughn explains.

After considering this, Vaughn says they felt the name ‘Snap One’ best encapsulated who the company is and what they want to accomplish in the marketplace, which is to be the “one” partner that integrators can depend on. 

“We first took on the name ‘Snap’ to represent our mission to make our partners’ lives easier. Every interaction an integrator has with us needs to be simple, a ‘snap,’ so that was the purpose of our founding and that remains our purpose today. As we think about our aspirations for the future and boil that down into a simple sentence it is this: it is to be an integrator’s most valued, most trusted partner – the one they keep coming back to again and again because they depend on us because we solve the problems for them.” 

Having a name that resonated with integrators beyond the AV market also factored into the rebranding decision, according to Vaughn.

“We’ve had instances where we’ve gone to tradeshows, had conversations with potential new customers and they said, ‘oh, I thought you were an A/V company. You sell all these different things that I can use in my business?’ he says. “Clearly, we’re moving away from that – we’ve been doing it as company for some time – but the name kind of got in the way.”

Vaughn says that the rebrand will have relatively little impact on how integrators interact with the company on a day-to-day basis and that things will remain business as usual from that…

Source…