August 30, 2022

In order to improve the defenses against distributed denial-of-service (DDoS) attacks, LockBit is taking its operation to triple extortion level.

According to LockBitSupp, the public-facing figure of the LockBit ransomware operation, LockBit will add DDoS as an extortion tactic in addition to the encryption of data and leaking it.

“I am looking for dudosers [DDoSers] in the team, most likely now we will attack targets and provide triple extortion, encryption + date leak + dudos, because I have felt the power of dudos and how it invigorates and makes life more interesting,” LockBitSupp wrote in a post on a hacker forum.

The decision to launch a triple extortion type of attack follows a DDoS attack that the gang suffered after leaking data stolen from Entrust. DDoS, allegedly on behalf of Entrust, prevented LockBit from accessing data published on its corporate leaks site.

An already introduced method to prevent further DDoS attacks is to use unique links in the ransom notes for the victims.

LockBit also announced an increase in the number of mirrors and duplicate servers, as well as a plan to increase the availability of stolen data by making it accessible via a bulletproof storage device via the Clearnet.

The sources for this piece include an article in BleepingComputer.