Tag: lockbit
-
Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges
A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme.Rostislav Panev was previously arrested in Israel in August 2024. He is said to have been…
-
LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.
The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developer, Rostislav Panev (51), has been extradited to the United States. The dual Russian-Israeli national was arrested in Israel in 2024 and faces charges related…
-
Suspected LockBit Ransomware Developer Extradited to US
Feds Accuse Dual Russian-Israeli National of Serving as Key Member of Operation. An accused developer for Russian-speaking ransomware group LockBit, 51-year-old Rostislav Panev, appeared in a U.S. courtroom after being extradited from Israel. The dual Russian and Israeli citizen faces a 41 count superseding criminal indictment charging him with being a key member of the…
-
Accused LockBit ransomware developer extradited to the US
The U.S. Department of Justice announced that Rostislav Panev, who developed code and maintained infrastructure for LockBit, is now in U.S. custody. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/14/developer-of-lockbit-ransomware-gets-extradited-to-the-united-states/
-
Suspected LockBit ransomware dev extradited to United States
A dual Russian-Israeli national, suspected of being a key developer for the LockBit ransomware operation, has been extradited to the United States to face charges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/suspected-lockbit-ransomware-dev-extradited-to-united-states/
-
LockBit Ransomware Developer Extradited to US
Russian-Israeli LockBit ransomware developer Rostislav Panev has been extradited from Israel to the United States. The post LockBit Ransomware Developer Extradited to US appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/lockbit-ransomware-developer-extradited-to-us/
-
New kids on the ransomware block channel Lockbit to raid Fortinet firewalls
It’s March already and you haven’t patched? First seen on theregister.com Jump to article: www.theregister.com/2025/03/14/ransomware_gang_lockbit_ties/
-
U.S. Charges LockBit Ransomware Developer in Cybercrime Crackdown
The U.S. Department of Justice has charged Rostislav Panev, a dual Russian and Israeli national, for his role as a developer of the notorious LockBit ransomware group. Panev, 51, was arrested in Israel in August following a U.S. provisional arrest request, and he is currently awaiting extradition to the United States. This action marks a…
-
SuperBlack ransomware may have ties to LockBit
Forescout researchers report on a new ransomware gang that appears to be keeping the legacy of the notorious LockBit crew alive First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620584/SuperBlack-ransomware-may-have-ties-to-LockBit
-
The state of ransomware: Fragmented but still potent despite takedowns
Tags: ai, alphv, antivirus, attack, backup, cloud, control, cyber, cybercrime, cybersecurity, data, ddos, detection, endpoint, extortion, firewall, group, incident response, intelligence, law, leak, LLM, lockbit, malware, network, ransom, ransomware, service, software, tactics, threat, tool, usa, zero-trustRunners and riders on the rise: Smaller, more agile ransomware groups like Lynx (INC rebrand), RansomHub (a LockBit sub-group), and Akira filled the void after major takedowns, collectively accounting for 54% of observed attacks, according to a study by managed detection and response firm Huntress.RansomHub RaaS has quickly risen in prominence by absorbing displaced operators…
-
US Cybercom, CISA retreat in fight against Russian cyber threats: reports
Tags: apt, blizzard, china, cisa, cyber, cybersecurity, data, government, group, hacker, infrastructure, international, iran, lockbit, microsoft, ransomware, risk, risk-management, russia, threatPurported shift at CISA away from reporting on Russian threats: Shortly after The Record issued its report, The Guardian reported that the US Cybersecurity and Infrastructure Security Agency (CISA) sent an internal memo setting out new priorities for the agency, including China but excluding Russia. One source said analysts at the agency were verbally informed…
-
The New Ransomware Groups Shaking Up 2025
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year’s total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of…
-
Ransomware-Szene im Umbruch: Aktuelle Entwicklungen und wichtige Trends
Ransomware bleibt eine ständige Bedrohung, verändert sich jedoch stetig. Während große Akteure wie LockBit und ALPHV/BlackCat verschwinden, rücken neue Gruppen nach. Ransomware-as-a-Service (RaaS) entwickelt sich weiter, und sogar Staaten wie Russland und Nordkorea nutzen sie als Einnahmequelle. Neben diesem Strukturwandel zeichnen sich markante Trends ab. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/cybersecurity/ransomware-szene-im-umbruch-aktuelle-entwicklungen-und-wichtige-trends/
-
Fragmentierung und Partnerwechsel: Strukturwandel in der Ransomware-Szene
Das Damoklesschwert Ransomware ist nicht neu, aber es schlägt immer etwas anders aus. Große Akteure wie LockBit und ALPHV/BlackCat sind scheinbar passé, doch in entstehende Lücken drängen neue, noch nicht etablierte Gruppen. Die Ransomware-as-a-Service (RaaS)-Gruppen revidieren zudem ihre interne Arbeitsaufteilung und -organisation. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ransomware-szene-im-umbruch
-
LockBit taunts FBI Director Kash Patel with alleged “Classified” leak threat
LockBit claims to have “classified information” for FBI Director Kash Patel that could “destroy” the agency if leaked. The ransomware gang LockBit sent a strange message to newly appointed FBI Director Kash Patel, they offer alleged “classified information” that could “destroy” this agency if publicly disclosed. The ransomware group published the message on their dark…
-
Siberia’s largest dairy plant reportedly disrupted with LockBit variant
Reports said the dairy company Sayanmoloko’s plant in Semyonishna was attacked with LockBit ransomware, possibly because of its support for Russian troops in Ukraine. Company printers reportedly churned out leaflets. First seen on therecord.media Jump to article: therecord.media/siberia-dairy-plant-cyberattack-lockbit-variant
-
From Confluence Vulnerability (CVE-2023-22527) to LockBit Encryption: A Rapid Attack Chain
Security researchers at The DFIR Report have uncovered a highly coordinated attack that leveraged a critical remote code First seen on securityonline.info Jump to article: securityonline.info/from-confluence-vulnerability-cve-2023-22527-to-lockbit-encryption-a-rapid-attack-chain/
-
LockBit Ransomware Strikes: Exploiting a Confluence Vulnerability
Tags: attack, cvss, cyber, data-breach, exploit, lockbit, malicious, ransomware, remote-code-execution, vulnerability, windowsIn a swift and highly coordinated attack, LockBit ransomware operators exploited a critical remote code execution vulnerability (CVE-2023-22527) in Atlassian Confluence servers, targeting an exposed Windows server. This vulnerability, rated CVSS 10.0, enabled unauthenticated attackers to execute arbitrary commands by injecting malicious Object-Graph Navigation Language (OGNL) expressions into improperly sanitized template files. The attack commenced…
-
A landscape forever altered? The LockBit takedown one year on
The NCA-led takedown of the LockBit ransomware gang in February 2024 heralded a transformative year in the fight against cyber crime. One year on, we look back at Operation Cronos and its impact First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619310/A-landscape-forever-altered-The-LockBit-takedown-one-year-on
-
Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers
Dutch police seized 127 servers of the bulletproof hosting service Zservers/XHost after government sanctions. On February 11, 2025, the US, UK, and Australia sanctioned a Russian bulletproof hosting services provider and two Russian administrators because they supported Russian ransomware LockBit operations. Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov are the two Russian nationals and administrators of Zservers.…
-
RansomHub: The New King of Ransomware? Targeted 600 Firms in 2024
RansomHub emerges as a major ransomware threat in 2024, targeting 600 organizations after ALPHV and LockBit disruptions. Group-IB… First seen on hackread.com Jump to article: hackread.com/ransomhub-king-of-ransomware-600-firms-2024/
-
LockBit crackdown continues with Zservers sanctions
Tags: lockbitFirst seen on scworld.com Jump to article: www.scworld.com/news/lockbit-crackdown-continues-with-zservers-sanctions
-
Feds Sanction Russian Cybercrime Bulletproof Hosting Service
US, UK and Australia Target Zservers for Supporting LockBit, Other Cybercrime Groups. A Russian bulletproof hosting service used by cybercriminals including the LockBit ransomware group has been sanctioned by Australian, British and American agencies. Zservers has been advertised in criminal forums as an aid to avoid law enforcement investigations and takedowns. First seen on govinfosecurity.com…
-
Feds Sanction Russian Hosting Provider for Supporting LockBit Attacks
US, UK, and Australian law enforcement have targeted a company called Zservers (and two of its administrators) for providing bulletproof hosting services to the infamous ransomware gang. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/feds-sanction-russian-hosting-provider-lockbit-attacks
-
US Treasury Sanctions Russian Bulletproof Hosting Provider Zservers for Supporting LockBit Ransomware Attacks
The U.S. Department of the Treasury, in a coordinated effort with Australia and the United Kingdom, has announced First seen on securityonline.info Jump to article: securityonline.info/us-treasury-sanctions-russian-bulletproof-hosting-provider-zservers-for-supporting-lockbit-ransomware-attacks/
-
Russian bulletproof hosting service Zservers sanctioned by US for LockBit coordination
The U.S., the U.K. and Australia sanctioned Russia-based Zservers, connecting the Russian company’s internet hosting services to the LockBit ransomware operation. First seen on therecord.media Jump to article: therecord.media/zservers-russia-bulletproof-hosting-us-uk-sanctions
-
UK, US, Oz blast holes in LockBit’s bulletproof hosting provider Zservers
Tags: lockbitUK foreign secretary says Putin is running a ‘corrupt mafia state’ First seen on theregister.com Jump to article: www.theregister.com/2025/02/11/aukus_zservers_lockbit_sanctions/
-
AUKUS blasts holes in LockBit’s bulletproof hosting provider
Tags: lockbitUK foreign secretary says Putin is running a ‘corrupt mafia state’ First seen on theregister.com Jump to article: www.theregister.com/2025/02/11/aukus_zservers_lockbit_sanctions/