The Australian Cyber Security Centre (ACSC) has given out an alert about LockBit 2.0 after an increase in reports from organisations in the country impacted by the ransomware.

A range of sectors, such as professional services, construction, manufacturing, retail and food, have been attacked and victims typically receive demands for ransom payments and threats that stolen data will be published.

“The ACSC is monitoring the situation and is able to provide assistance and advice as required,” it added.

The LockBit 2.0 ransomware restricts access to corporate files and systems by encrypting them into a locked and unusable format. Victims receive instructions on how to engage with the offenders after encryption, the centre said, in an advisory on how to mitigate the harm caused by an attack.

LockBit affiliates are known to use the double extortion method by uploading stolen and sensitive information to their dark web site LockBit 2.0, and threaten to sell and/or release this information if their ransom demands are not met.

Offered as Ransomware-as-a-Service (RaaS), ‘LockBit 2.0’ was first advertised in June and allegedly bundled with a built-in information-stealing function, StealBit, according to the ACSC which noted: “Since January 2020, the LockBit operators have appeared on Russian-language cybercrime forums.”


PrivSec Global is back for another 2 information-packed days, featuring a series of brand new topics and themes.