LockBit is clearly the leading group left standing...for now.
By Dominic Alvieri
January 30th, 2023
In the early morning hours of Thursday, January 26th a multi-governmental offensive seized the Hive Ransomware leak site. No arrests have been made in the never ending ransomware whack-a-mole game. LockBit is now the undisputed leading ransomware operation.
That evening LockBit was ready with a new game, comments and plenty of leaks ready to go. The Hive Ransomware leak site was seized early Thursday morning and the first comment or post from LockBit was a freaking game below.
The post above was removed by LockBit. Researchers at VX Underground were able to get a comment from Mr. LockBit about the post and the news that followed. LockBit is one group I do not have communications with and do not care to.
By Sunday evening it was business as usual as LockBit posted affiliate offerings of 14 new victims not willing to pay them from around the world.
Spain
France
Mexico
Austria
Albania
Portugal
Australia
United States
United Kingdom
Low lights from the new posts include PBS member television station KVIE in Sacramento, California, Air Albania, CPL Industries...
LockBit is clearly the top operation remaining and is arrogantly making it known. Alphv Black Cat Ransomware is behind LockBit and there is a clear distinction from the remaining groups including new up and coming Play Ransomware, Black Basta, Vice Society...
Several other groups and former members are not included in this article including Black Matter, DarkSide and the other variations, spinoffs and new groups pending like Endurance Ransomware.
No Hive arrests to date.
Affiliates have to go somewhere...
The never ending ransomware whack-a-mole game continues in 2023.
The Cyber Show
