lockbit2 attacks tingtong
Tingtong: A Media & Internet Company Targeted by Lockbit2 Ransomware
Tingtong, a company operating in the Media & Internet sector, has been targeted by the Lockbit2 ransomware group. The attack was announced on the group's dark web leak site, and the victim's website is currently unavailable. Although the company's size and specific vulnerabilities are not explicitly mentioned, the attack on Tingtong underscores the persistent threat of ransomware to businesses across various industries.
About Tingtong
Tingtong is a company that operates in the Media & Internet sector. Specific details about its size, unique features, or market position are not readily available. The company's website is currently inaccessible, suggesting that the ransomware attack has impacted its online presence.
Lockbit2 Ransomware
Lockbit2, active in the cybercrime ecosystem since 2019, rebranded to Lockbit2.0 in 2021, enhancing its capabilities with features such as self-propagation, removal of shadow copies, and bypassing User Account Control (UAC). Known for its rapid encryption process, Lockbit2 employs a multithreaded approach and partially encrypts files to expedite its attacks. The group has executed several high-profile attacks, targeting entities like Accenture among others.
Vulnerabilities and Mitigation
The precise vulnerabilities exploited in the attack on Tingtong remain unspecified. Nonetheless, ransomware attacks frequently leverage software flaws, outdated systems, or human errors, including phishing schemes or inadequate passwords. To counteract ransomware threats, organizations are advised to consistently update their software, enforce robust password policies, and conduct cybersecurity awareness training for their workforce.
The incident involving Tingtong and Lockbit2 serves as a stark reminder of the ransomware menace facing the Media & Internet sector. Although the exact vulnerabilities exploited in this instance are not detailed, businesses can adopt preventative measures such as software updates, strong password practices, and employee cybersecurity training to mitigate ransomware risks.
Sources
- "LockBit Ransomware v2.0 - Chuong Dong" https://chuongdong.com/reverse%20engineering/2021/07/29/LockBitV2/
- "The Alleged China Daily Data Breach Claimed by LockBit" https://www.databreaches.net/the-alleged-china-daily-data-breach-claimed-by-lockbit/
- "Social Trends: Lockbit" https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/lockbit-ransomware-launches-lockbit-2-0
- "Ransomware Posts - GitHub Pages" https://github.com/topics/ransomware
Disclaimer
The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources. By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!