LockBit 2.0 ransomware counters Microsoft Defender and ready to create havoc

Cyberthreats such as ransomware grow more devilish by the day. LockBit 2.0 is a specific breed of ransomware-as-a-service that has escalated the stakes associated with suffering a ransomware attack.

LockBit’s evolved since those days, keeping up with the latest tech and trends. Now, the world is faced with LockBit 2.0, which can not only encrypt networks via group policy updates but can hijack connected printers to print a non-stop stream of ransom notes (a ransomware feature seemingly designed to get victims’ attention).

While the printer spam is self-explanatory, here’s a more detailed breakdown of that network encryption item. When bad guys take the reins of a domain controller, LockBit 2.0 then distributes itself to domains. It will create new group policies that cut off Microsoft Defender and its defense mechanisms and create policies that launch the ransomware.

Today, the world is faced with LockBit 2.0. This ransomware has been around for a while, as far back as 2019, and has recently evolved with technology and trends into something capable of:

1. Cutting off Microsoft Defender and its defense mechanisms and creating policies that launch the ransomware.

2. Hijacking connected printers to print a non-stop stream of ransom notes.

3. Encrypting networks via group policy updates.

4. Distributing itself automatically through a Windows domain, with no scripts required.

“This is the first ransomware operation to automate this process, and it allows a threat actor to disable Microsoft Defender and execute the ransomware on the entire network with a single command,” ethical hacker Vitali Kremez told BleepingComputer.
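
An added example, not from the original article or from any vendor tooling: group policy registry settings are stored in each GPO's Registry.pol file under SYSVOL, so a defender can parse those files and flag policies that switch Defender off. The Defender value names and the sample bytes below are assumptions chosen for illustration; the article does not list the exact settings LockBit 2.0 changes.

```python
import struct

# Assumption: standard Defender policy values picked for illustration;
# the article does not list the exact settings LockBit 2.0 changes.
DEFENDER_KEY = r"software\policies\microsoft\windows defender"
WATCHED = {"disableantispyware", "disablerealtimemonitoring",
           "disablebehaviormonitoring"}
REG_DWORD = 4

def read_wstr(blob, pos):
    """Read a NUL-terminated UTF-16LE string; return it and the offset past ';'."""
    end = pos
    while blob[end:end + 2] not in (b"\x00\x00", b""):
        end += 2
    return blob[pos:end].decode("utf-16-le"), end + 4

def parse_registry_pol(blob):
    """Yield (key, value_name, reg_type, data) for each [key;value;type;size;data]."""
    if blob[:4] != b"PReg" or struct.unpack_from("<I", blob, 4)[0] != 1:
        raise ValueError("not a version 1 Registry.pol file")
    pos = 8
    while pos < len(blob):
        if blob[pos:pos + 2] != b"[\x00":
            raise ValueError(f"malformed entry at offset {pos}")
        key, pos = read_wstr(blob, pos + 2)
        name, pos = read_wstr(blob, pos)
        # type (4 bytes), ';' (2 bytes), size (4 bytes); truncation raises struct.error
        reg_type, size = struct.unpack_from("<I2xI", blob, pos)
        data = blob[pos + 12:pos + 12 + size]
        pos += 12 + size + 2  # skip the second ';', the data and the closing ']'
        yield key, name, reg_type, data

def defender_tampering(blob):
    """Return (key, value_name) for watched Defender values set to a non-zero DWORD."""
    hits = []
    for key, name, reg_type, data in parse_registry_pol(blob):
        watched = key.lower().startswith(DEFENDER_KEY) and name.lower() in WATCHED
        if watched and reg_type == REG_DWORD and len(data) == 4 and any(data):
            hits.append((key, name))
    return hits

def make_entry(key, name, value):
    """Build one constructed REG_DWORD entry for the sample below."""
    head = f"[{key}\0;{name}\0;".encode("utf-16-le")
    return (head + struct.pack("<I", REG_DWORD) + b";\x00" + struct.pack("<I", 4)
            + b";\x00" + struct.pack("<I", value) + b"]\x00")

# Constructed sample: two Defender-disabling values and one unrelated policy.
D = r"Software\Policies\Microsoft\Windows Defender"
SAMPLE = (b"PReg" + struct.pack("<I", 1) + make_entry(D, "DisableAntiSpyware", 1)
          + make_entry(D + r"\Real-Time Protection", "DisableRealtimeMonitoring", 1)
          + make_entry(r"Software\Policies\Microsoft\Windows\System", "EnableSmartScreen", 1))
```

Running `defender_tampering` over every Registry.pol in SYSVOL, and comparing hits against the GPOs administrators expect to exist, surfaces newly created policies of the kind described above.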
