Summary:

• LockBit is a ransomware-as-a-service (RaaS) group that has been active since 2019.

• The group is known for its aggressive tactics, including threatening to publish stolen data if victims do not pay the ransom.

• However, a new report by Jon DiMaggio of Analyst1 claims that LockBit is having trouble publishing stolen data due to limitations in its backend infrastructure and available bandwidth.

• DiMaggio says that LockBit has recently updated its infrastructure, but this is a gimmick to make it appear that the problem has been fixed.

• As a result of these issues, LockBit’s reputation has been tarnished and some of its top affiliates have left for other ransomware groups.

• It remains to be seen whether LockBit can address its infrastructure issues and regain its former prominence.

Additional details:

• The group’s attacks have targeted a wide range of victims, including businesses, government agencies, and healthcare organizations.

• LockBit typically demands a ransom of several million dollars in exchange for not publishing stolen data.

• The group has a reputation for being very aggressive and has been known to follow through on its threats to publish stolen data.