Hacking assaults on two organizations in Kerala are attributed to the LockBit ransomware gang

Two Kerala-based organizations’ computer systems have been successfully breached by the infamous Russian ransomware LockBit, according to its claims. On its dark web domain, the LockBit ransomware claimed to have infected four Indian businesses, including Double Horse, a food manufacturing firm situated in Thrissur, and V-Star, an Ernakulam-based clothing manufacturer.

 

Other businesses on their list include the pharmaceutical firm Hetero, located in Hyderabad, and the Vadodara-based Vikrant Group, a maker of auto components.

It claims that images of bank account information, purchase orders, invoices, supplier information, computer drive content, and staff driver’s licenses are uploaded to its dark web page. Based on the publicly published images, it seems that staff members’ personal PCs or laptops have been infected with the LockBit ransomware.

Hacking computers belonging to different businesses, LockBit locks the system and demands a ransom. They will permanently lock the computer system and upload the obtained data to the dark web if the ransom is not paid.

V-Star IT officials said that they had learned about a cyberattack. A cyberattack was launched on our attendance system. We are currently fixing it. However, because we use a cloud-based system, nothing will change for our operations,” a V-Star representative said.

Double Horse has not yet addressed the situation. The hackers have set May 15 as the deadline for paying the ransom, albeit there is no information available on the sum required.

On Saturday, the private cyber security company Falconfeeds.io posted information about the data breach on its social media accounts. The CEO of Falconfeeds.io, Nandakishore Harikumar, said that the extent of the data leak is yet unknown.

“We are unsure of the extent to which these firms have been impacted by the data hack. On occasion, nevertheless, this ransomware manages to get private company data. Many organizations are unaware of the Center’s requirements, which require them to notify the Indian Computer Emergency Response Team in the event of a data breach. Some people don’t even call the police to report it, he added.

Roughly 20% of ransomware attacks in the previous year were caused by LockBit, which targeted a number of multinational companies like Boeing, the National Health Service of the United Kingdom, Royal Mail, and many foreign banks. The US Federal Bureau of Investigation (FBI) and other foreign law enforcement organizations shut down LockBit’s dark web activities in February of this year, interfering with the company’s operations. But LockBit just made a comeback with the 3.0 version (LockBit Black), ramping up its global cyberattacks.

The creator and administrator of the LockBit ransomware, Dimitry Yuryevich Khoroshev, is a Russian native, and the US set a $10 million reward on him last week.

22 Indian businesses are said to have been the target of LockBit ransomware last year.

One of the most well-known ransomware programs currently in use is LockBit. Every day, they breach the systems of around twenty different businesses and post their identities on their dark web page. LockBit collaborates with other hackers to function as a cohesive unit. They hack computer systems by taking advantage of flaws in them. They reported receiving $120 million in ransom last year, allegedly via the use of bitcoins. Such breaches are sometimes caused by inadequate security mechanisms. Many businesses are open to these kinds of cyberattacks because their operating systems (OS) are out of date, the speaker stated.