Abstract：FINRA warns of LockBit ransomware surge, urging heightened cybersecurity vigilance. Protect your organization from this malicious threat.

https://bit.ly/3FQeKMd - 📧 The LockBit ransomware, notorious for its distribution method impersonating resumes, has evolved. Recent attacks now include the Vidar Infostealer alongside the ransomware, a development shared through the ASEC Blog earlier this year. The malware is typically concealed within email attachments, masquerading as innocuous files like PDFs or PPTs, but harboring malicious content. #LockBitRansomware #CyberThreat #MalwareDistribution 💻 Once executed, LockBit 3.0 encrypts files on the user’s PC, sparing only PE files. The ransomware then displays an infection screen and a ransom note, demanding payment for file decryption. Meanwhile, the Vidar Infostealer establishes communication with a Telegram channel, using it as a command-and-control (C2) server. This technique enables it to bypass network detection by frequently changing C2 servers. #LockBit3 #CyberSecurity #RansomwareAttack 🌐 The Vidar Infostealer's functionality includes connecting to its actual C2 server to download necessary DLL files for conducting malicious activities. It then transfers exfiltrated information back to the C2 server. This two-pronged attack approach of combining ransomware with an infostealer presents a sophisticated and heightened cyber threat. #VidarInfostealer #DataBreach #CyberDefense 🛡️ Given the increased sophistication of these attacks, corporations are urged to update their anti-malware software to the latest versions, and users are advised to exercise increased caution with email attachments. Anti-malware solutions like AhnLab’s V3 have been updated to detect and block these threats effectively.