Cybersecurity community spills LockBit 3.0 Ransomware business scheme attacking PDN


Heaptalk, Jakarta — The Cybersecurity Community Cyberity explained the business scheme of LockBit 3.0 ransomware, a cyber attack which recently hacked the National Data Center (PDN).

Cyberity Chairman Arif Kurniawan explained that LockBit has a Ransomware-as-a-service (RaaS) business model originating from Russia and affiliates worldwide.

“Currently, the developer of LockBit, Dmitry Yuryevich Khoroshey, is an international police fugitive. Dmitry managed to escape from Operation Cronos, a global law enforcement coalition joint operation conducted from early 2023 until May 2024,” said Arif.

He added that LockBit is one of the ‘unique’ cybercrime companies. They attack the cybersecurity of every country except Russia. Based on his view, this uniqueness has led many to suspect the involvement of Russian Security Services in the existence of the LockBit company.

Arif also reported that from June 2021 to January 2022, most LockBit attacks occurred in the United States (US), India, and Brazil. According to him, most attacks targeted the healthcare and education sectors.

“After attacking, LockBit demands a ransom of 20% per victim. Meanwhile, the remainder is given to the company’s affiliates.”

He added that LockBit provides a platform for extortion while affiliates negotiate. If LockBit conducts negotiations, it demands 30% to 50% of the profits.

“Ransom payments exceed USD500,000 using two payment wallets, with 20% for LockBit and 80% for affiliates,” he further explained.

Arif explained that several processes must be fulfilled to become a LockBit business affiliate. The most common is that affiliates determine their targets.

Furthermore, Arif said, based on the data he obtained, the LockBit Ransomware as a Service (RaaS) platform recruited 194 affiliates, but only 148 succeeded in launching attacks, and 80 received payments.

“Of the 114 affiliates (59%) failed to achieve a return on investment due to high competition, ineffective tactics, and inadequate support, resulting in many failures between the negotiation and payment stages,” he added.

In 2019, Arif continued, payments to LockBit averaged USD85,000 or Rp1.3 billion per victim (USD1 equal to Rp16,350 per US dollar). Meanwhile, LockBit’s profit was approximately USD100 million or Rp1.63 trillion that year.

“In 2023, LockBit is estimated to have obtained a profit of USD500 million or Rp8.17 trillion,” Arif concluded.


Sumber:


Leave a Reply

Your email address will not be published. Required fields are marked *