Priya PatelTLDR:
- LockBit ransomware recently targeted the city of Calvià in Majorca, Spain, demanding a ransom of €10 million (approximately $11 million).
- The ransomware is known for targeting both Windows and Linux systems, making it a versatile tool for cybercriminals.
A devastating ransomware attack by LockBit recently targeted the charming city of Calvià in Majorca, Spain, which is well-known for its tourism appeal. This incident underscores the escalating audacity of ransomware groups targeting both governmental and corporate entities. ANY.RUN reported that the attack led to IT outages, suspending all administrative deadlines until January 31, 2024. Despite no specific ransomware group claiming responsibility, reports indicate a demand for €10 million (approximately $11 million). The city’s mayor, Juan Antonio Amengual, affirmed the city’s stance of not capitulating to the cybercriminals’ demands.
While primarily known for crippling Windows systems, the infamous LockBit ransomware poses a growing threat to Linux and MacOS users as well. This RaaS (Ransomware-as-a-Service) offering empowers even novice attackers with potent encryption capabilities, making it a versatile tool for cybercriminals. LockBit operates as a RaaS model, providing pre-built tools and infrastructure to its affiliates, democratizing cybercrime and potentially enabling less skilled attackers to launch sophisticated ransomware attacks.
LockBit stands out not just for its destructive capabilities but also for its surprisingly professional website and bug bounty program. Once it breaches a system, LockBit disarms defenses, propagates across the network, steals sensitive data, and encrypts critical files. The recent surge in LockBit activity corresponds with the Calvià attack, highlighting increased interest and detection by researchers.
The cause of the attack in Calvià remains unknown, but possible explanations include phishing, unpatched software vulnerabilities, and brute-forcing techniques. Organizations must prioritize cybersecurity basics, such as employee training, up-to-date software, strong authentication, access controls, and regular backups, to fortify their defenses against evolving ransomware tactics.
