The dark web gets even darker

Ransomware first came on the scene in 1989 via hackers mailing out a floppy disk.

Called the AIDS trojan; if you put the disk in your computer it would lock up. You were then asked to send $189 to a P.O. Box in Panama to restore your computer.

Times have changed. In recent years, ransomware sometimes asks for millions of dollars in payments to restore infected systems.

Working in technology for over 25 years, ransomware is the worst cyber threat I have ever seen.

The cyber threat group Lockbit is now the No. 1 player on the ransomware scene. They are behind almost half (44%) of the reported attacks in the world last year, according to Deep Instinct, an Israeli cybersecurity company.

Mind you, this is not a rag-tag band of digital thieves; they operate like any legitimate large business. They utilize a network of subcontractors (they call them affiliates, like Mary Kay) to distribute malware by selling ransomware tool kits on the dark web (RAAS — ransomware as a service).

Once that happens, an up-and-coming hacker goes on the dark web, buys the tool kit, and then distributes it (via email attacks and other hacks).

Once they have a victim and receive payment, they share it with Lockbit.

Having a highly effective distribution system is not the only corporate similarity. They have a robust PR team and they do interviews with the media.

Let’s not forget marketing too, they run ads online to recruit affiliates. Shady forums like XSS (Russian hacker forum) have some of their ads, you can check them out here on this non-dark website.

Lockbit also invests in R & D — speaking of that and Russian dark web forums, let’s go back to what Lockbit did in June 2022 when the pandemic was heating up. Lockbit sponsored a contest together on the dark web with a cash prize for an innovative paper on new methods of cybercrime, hacking, viruses, malware, etc. This is the first time I have heard of anything like this and it’s a frightening indicator of the people behind this gang.

They sponsor hacking initiatives and by doing so are coaching up the next generation of hackers and separating the script, kids (hacker lingo) from the real bad actors.

Envision Credit Union in Tallahassee knows this…