Investigation discovered no proof of LockBit breach
Cybersecurity agency Darktrace says it discovered no proof that the LockBit ransomware gang breached its community after the group added an entry to their darkish internet leak platform, implying that they stole knowledge from the corporate’s programs.
Hours after the gang claimed DarkTrace as a sufferer on their knowledge leak web site, the corporate performed an investigation and located no proof of a breach of their programs.
“Our safety groups have run a full evaluation of our inside programs and might see no proof of compromise,” Darktrace stated.
On Friday, the corporate’s Chief Info Safety Officer Mike Beck reiterated the identical conclusion after a radical investigation of their programs.
“We have now accomplished a radical safety investigation following yesterday’s tweets by LockBit claiming they’d compromised Darktrace’s inside programs,” said Beck.
“We are able to affirm that there was no compromise of our programs or any of our affiliate programs. Our service to our prospects stays uninterrupted and is working as regular and no additional motion is required.”
It’s now obvious that LockBit tousled, complicated Darktrace with menace intelligence firm DarkTracer which tweeted in regards to the gang’s leak web site being flooded with pretend victims.
“The reliability of the RaaS service operated by LockBit ransomware gang appears to have declined,” DarkTracer stated.
“They seem to have turn out to be negligent in managing the service, as pretend victims and meaningless knowledge have begun to fill the record, which is being left unattended.”
This isn’t the primary time LockBit claimed they’d breached a cybersecurity firm’s programs by mistake or deliberately.
Final 12 months, in June, the ransomware gang additionally added Mandiant to their leak web site, saying that greater than 350,000 recordsdata they’d allegedly stolen could be revealed.
Nevertheless, because it occurred with Darktrace, Mandiant told BleepingComputer that it hadn’t discovered any proof of a breach.
In the long run, LockBit’s claims that they hacked Mandiant proved to be nothing greater than a feeble try and distance the operation from the Evil Corp cybercrime gang following a Mandiant report linking the 2 after Evil Corp switched to deploying LockBit ransomware of their assaults to evade U.S. sanctions.
Not like this week, when Darktrace was listed as a sufferer due to confusion, Mandiant being tagged as a sufferer was prompted by LockBit’s fears of misplaced income if victims stopped paying ransoms since the U.S. government sanctioned Evil Corp in December 2019.