lockbit2 attacks tingtong

Incident Date: Mar 11, 2022

Attack Overview

VICTIM

tingtong

INDUSTRY

Media & Internet

LOCATION

Slovenia

ATTACKER

Lockbit

FIRST REPORTED

March 11, 2022

Request Removal

Tingtong: A Media & Internet Company Targeted by Lockbit2 Ransomware

Tingtong, a company operating in the Media & Internet sector, has been targeted by the Lockbit2 ransomware group. The attack was announced on the group's dark web leak site, and the victim's website is currently unavailable. Although the company's size and specific vulnerabilities are not explicitly mentioned, the attack on Tingtong underscores the persistent threat of ransomware to businesses across various industries.

About Tingtong

Tingtong is a company that operates in the Media & Internet sector. Specific details about its size, unique features, or market position are not readily available. The company's website is currently inaccessible, suggesting that the ransomware attack has impacted its online presence.

Lockbit2 Ransomware

Lockbit2, active in the cybercrime ecosystem since 2019, rebranded to Lockbit2.0 in 2021, enhancing its capabilities with features such as self-propagation, removal of shadow copies, and bypassing User Account Control (UAC). Known for its rapid encryption process, Lockbit2 employs a multithreaded approach and partially encrypts files to expedite its attacks. The group has executed several high-profile attacks, targeting entities like Accenture among others.

Vulnerabilities and Mitigation

The precise vulnerabilities exploited in the attack on Tingtong remain unspecified. Nonetheless, ransomware attacks frequently leverage software flaws, outdated systems, or human errors, including phishing schemes or inadequate passwords. To counteract ransomware threats, organizations are advised to consistently update their software, enforce robust password policies, and conduct cybersecurity awareness training for their workforce.

The incident involving Tingtong and Lockbit2 serves as a stark reminder of the ransomware menace facing the Media & Internet sector. Although the exact vulnerabilities exploited in this instance are not detailed, businesses can adopt preventative measures such as software updates, strong password practices, and employee cybersecurity training to mitigate ransomware risks.

Sources

"LockBit Ransomware v2.0 - Chuong Dong" https://chuongdong.com/reverse%20engineering/2021/07/29/LockBitV2/
"The Alleged China Daily Data Breach Claimed by LockBit" https://www.databreaches.net/the-alleged-china-daily-data-breach-claimed-by-lockbit/
"Social Trends: Lockbit" https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/lockbit-ransomware-launches-lockbit-2-0
"Ransomware Posts - GitHub Pages" https://github.com/topics/ransomware

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.