"LockBit 3.0 Demands $60M From UK Car Dealership Pendragon"

Pendragon, a car dealership in the UK, has been added to the dark web blog belonging to the Ransomware-as-a-Service (RaaS) gang LockBit 3.0. The gang claims to have demanded $60 million in exchange for the return of 2 terabytes of data. Pendragon has refused to cooperate, recently announcing the leak. According to analysts, the cybercrime group may be rebranding to 4.0 after its builder was leaked in September, causing strange behavior. The gang claims to have stolen over two million files of various types. LockBit 3.0 refuses to reveal the reason for publishing the victim's data, but clarifies that all of the available data will be published, promising an update on the ransom on October 28. The company discovered that its servers were hacked, but the attackers only stole 5 percent of its database. LockBit 3.0 has been on a crime spree in recent months. The gang also recently targeted the UK-based insurer Kingfisher, claiming to have stolen 1.4 terabytes of data from the company, which has until November 28 to negotiate with the gang's demands. LockBit was identified as the cybercrime group responsible for the NHS attack in October. Staff was reduced to using pen and paper during the attack. The gang was responsible for 40 percent of all ransomware attacks in August, according to security firm NCC group, making it the most prolific ransomware that month. The gang is not without its own problems, as LockBit was also compromised in August. A Distributed Denial-of-Service (DDoS) attack was launched against LockBit's dark web server, which hosts leaks from companies ransomed by the gang. The LockBit 3.0 builder was leaked in September. The gang's behavior has become increasingly erratic since this point. According to Allan Liska, security lead at Recorded Future, at least ten 'new' LockBit ransomware variants have been spotted in the wild since the leak. This activity has fueled speculation that the gang will rebrand as LockBit 4.0. Nothing has been confirmed yet, but it appears that a change to the ransomware code or the creation of a new leak site is on the way. This article continues to discuss the posting of the car dealership Pendragon onto LockBit 3.0's victim blog and other recent activity of the RaaS gang.

Tech Monitor reports "LockBit 3.0 Demands $60M From UK Car Dealership Pendragon"

Submitted by Anonymous on