The cybercriminal group known as LockBit has released an improved 5.0 version of its ransomware (LockBit 5.0), which is “significantly more dangerous,” warns Trend Micro. The malware now attacks Windows, Linux, and VMware ESXi environments simultaneously.
Thanks to new obfuscation techniques, such as DLL reflection in Windows and aggressive packing, LockBit 5.0 evades known security solutions. The Linux version allows precise attacks on directories and file types via command lines. With VMware ESXi, the malware encrypts virtual machines, which can paralyze entire infrastructures. A random 16-digit file extension makes it difficult to recover encrypted data.
Trend Micro explains:
The existence of Windows, Linux, and ESXi variants confirms LockBit’s continued cross-platform strategy, enabling simultaneous attacks across entire enterprise networks including virtualized environments. Heavy obfuscation and technical improvements across all variants make LockBit 5.0 significantly more dangerous than its predecessors.
With LockBit pursuing a cross-platform ransomware strategy, the modular architecture and covert encryption routines now threaten workstations, servers, and hypervisors (virtual machine monitors) alike. “No operating system or platform can be considered safe from modern ransomware campaigns,” emphasizes Trend Micro.
Despite Operation Cronos, which took place in 2024 and saw authorities from 10 countries confiscate LockBit servers and keys, LockBit continues to show resilience. All three variants of LockBit are still active, which makes the group one of the most dangerous right now.
Companies should take comprehensive measures to guard against ransomware, including regular data backups, endpoint security, and special protection of virtualization infrastructures. Ransomware damage could involve everything from data loss to critical system shutdowns.
Further reading: How to turn on Windows’ ransomware protection
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.