Jun 08 2022

Mandiant: “No evidence” we were hacked by LockBit ransomware

Category: Hacking,RansomwareDISC @ 8:23 am

Mandiant: “No evidence” we were hacked by LockBit ransomware

American cybersecurity firm Mandiant is investigating LockBit ransomware gang’s claims that they hacked the company’s network and stole data.

The ransomware group published a new page on its data leak website earlier today, saying that the 356,841 files they allegedly stole from Mandiant will be leaked online.

“All available data will be published!” the gang’s dark web leak site threatens under a timer showing just under three hours left until the countdown ends.

LockBit has yet to reveal what files it claims to have stolen from Mandiant’s systems since the file listing on the leak page is empty.

However, the page displays a 0-byte file named ‘mandiantyellowpress.com.7z’ that appears to be related to a mandiantyellowpress.com domain (registered today). Visiting this page redirects to the ninjaflex.com site.

When BleepingComputer reached out for more details on LockBit’s claims, the threat intel firm said it hadn’t yet found evidence of a breach.

“Mandiant is aware of these LockBit-associated claims. At this point, we do not have any evidence to support their claims. We will continue to monitor the situation as it develops,” Mark Karayan, Mandiant’s Senior Manager for Marketing Communications, told BleepingComputer.

These claims come after Mandiant revealed in a report published last week that the Russian Evil Corp cybercrime group has now switched to deploying LockBit ransomware on targets’ networks to evade U.S. sanctions.

Mandiant announced in March that it entered into a definitive agreement to be acquired by Google in an all-cash transaction valued at roughly $5.4 billion.

The LockBit ransomware gang has been active since September 2019 as a ransomware-as-a-service (RaaS) and relaunched as the LockBit 2.0 RaaS in June 2021 after ransomware actors were banned from posting on cybercrime forums [12].

Accenture, a Fortune 500 company and one of LockBit’s victims, confirmed to BleepingComputer in August 2021 that it was breached after the gang asked for a $50 million ransom not to leak data stolen from its network.

Source: BleepingComputer

State of the Hack

Tags: LockBit, Mandiant