Top ransomware group hit with DDoS attack, complains about injustice

Someone’s preventing hackers from leaking stolen data

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

In an unexpected turn of events, aransomwareoperator has found itself on the receiving end of a distributed denial of service (DDoS) attack, all because they tried to leak stolen data.

According to aBleepingComputerreport, the LockBit group breached theserversof Entrust, anidentity, payment, and data protection service provider, late last month.

The group deployed ransomware to Entrust’s servers, demanded an $8 million payout and stole files including legal documents, marketing spreadsheets, and accounting data.

After the negotiation between the group and the company broke down, LockBit publicly took responsibility for the attack, and last Friday decided to leak the stolen data. At that time, the Tor data leak site was brought offline by a DDoS attack powered by more than 1,000 servers, with LockBit laying the blame on Entrust.

Who is behind the attack?

“Ddos (sic) attack began immediately after the publication of data and negotiations, of course it was them, who else needs it? In addition, in the logs there is an inscription demanding the removal of their data,” LockBitSupp toldBleepingComputer.

Windows Defender hacked to deploy this dangerous ransomware>This ransomware spreads across hundreds of devices in no time at all>Get ultimate device protection with the very best antivirus

While it’s possible Entrust may be behind the attack, this would likely be the first time a legitimate company used illegal means to force a ransomware operator into compliance.

The attack could also have originated with anothermalwareor ransomware group which, for whatever reason, would benefit from LockBit removing Entrust’s data, or perhaps even the US government, security researcher Dominic Alvieri toldBleepingComputer.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Whoever it the culprit, the attack is not stopping LockBit just yet. The group says it intends to upload the data as a torrent, which would make it almost impossible to take down.

TechRadar Prohas asked Entrust for comment, but has not yet received a response.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Sihoo Doro S100 ergonomic office chair review