The US Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, and Multi-State Information Sharing & Analysis Center have jointly issued a cybersecurity advisory detailing indicators of compromise (IoCs) and tactics, techniques, and procedures (TTPs) associated with the LockBit 3.0 ransomware. The malware operates under a ransomware-as-a-service model and is an update to LockBit 2.0 and LockBit. The ransomware is designed to infect machines with language settings that do not overlap with those specified in an exclusion list, which includes Romanian (Moldova), Arabic (Syria), and Tatar (Russia). The malware gains initial access to victim networks via remote desktop protocol exploitation, phishing campaigns, and abuse of valid accounts. Upon finding a successful ingress point, the malware establishes persistence, escalates privileges, carries out lateral movement, and purges log files before initiating the encryption routine. LockBit 3.0 has been responsible for 21% of ransomware attacks detected against critical infrastructure in Q4 2022, accounting for 40 incidents.
Source: The Hacker News
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.