The LockBit ransomware group recently announced that it is improving its distributed denial-of-service (DDoS) attack defenses and are working to take the operation to triple extortion level. The gang recently experienced a DDoS attack, allegedly on behalf of the security firm Entrust, preventing access to the information posted on LockBit’s corporate leaks website. LockBit ransomware attacked Entrust on June 18 and stole data from the company. LockBit declared that it would disclose all the stolen data on August 19 if Entrust did not pay the ransom. This did not happen, as the gang’s leak site was hit by a DDoS attack. LockBitSupp, the public face of the LockBit ransomware gang, declared that the group is operational again with a larger infrastructure to mitigate the impact of DDoS attacks. The previous DDoS attack was seen as a chance to experiment with a triple extortion strategy in order to increase pressure on victims to pay a ransom. According to LockBitSupp, the ransomware operator wants to add DDoS as an additional form of extortion on top of encrypting and leaking data. “I am looking for dudosers [DDoSers] in the team, most likely now we will attack targets and provide triple extortion, encryption + date leak + dudos, because I have felt the power of dudos and how it invigorates and makes life more interesting,” stated LockBitSupp.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in