On 19 December 2024 at 00:03 UTC, ransomware group LockBit announced the release of LockBit 4.0 on its leak site (DLS). Known for its aggressive tactics and frequent updates, LockBit introduces an even more advanced version of its ransomware, promising to further intensify threats to organisations globally.
The announcement is accompanied by a provocative recruitment campaign aimed at potential collaborators, emphasising the software’s ease of use and promising substantial rewards for cyber criminals.
This approach underlines their efforts to expand the RaaS (Ransomware-as-a-Service) network, attracting new affiliates and consolidating their position in the cyber threat landscape.
One of the most worrying aspects is the expiration of one of their campaigns set for 3 February 2025, warning organisations against the evolving tactics of groups such as LockBit.
This development underlines the urgency of a collective effort to combat cybercrime through cooperation between companies, government institutions and security experts.
LockBit 4.0: how to prevent
The introduction of LockBit 4.0 unequivocally highlights the need to take a proactive, layered approach to cybersecurity. It is imperative to implement 24/7 monitoring and response systems that not only detect anomalies in real time, but are also able to respond promptly to any emerging threats.
Regular updates of operating systems and applications to address known vulnerabilities should not be neglected, while implementing secure backups ensures rapid data recovery in the event of a ransomware attack.
Continuous employee training is another essential pillar: computer security awareness programmes should be designed to educate staff to recognise phishing attempts and other social engineering techniques. Periodic simulations of attacks can improve staff readiness and responsiveness.
The adoption of advanced threat intelligence tools provides up-to-date information on emerging threats, while behavioural analysis based on artificial intelligence can identify anomalous activities that might escape traditional controls.
Cyber Intelligence Priority
Only through information sharing between organisations, public and private entities can we effectively fight groups like LockBit. Cyber intelligence must be considered a strategic priority.
As a company specialising in cybersecurity, we have thoroughly analysed this new version of LockBit to provide our customers with effective protection against emerging threats. Our research enables us to quickly identify vulnerabilities, improve defences and ensure a rapid and coordinated response to attacks. We remain committed to supporting organisations in strengthening their cyber resilience against increasingly sophisticated adversaries.
Analysis by Vasily Kononov – Threat Intelligence Lead, CYBEROO
