LockBit is a type of ransomware that emerged in 2nd half of 2019. In January 2020, the BitWise Spider ransomware group believed to behind the LockBit development adopted the name LockBit and began operations as a ransomware-as-a-service (RaaS).
Background, Ransomware is a form of malicious software that encrypts a victim's files, rendering them inaccessible, and demands a ransom payment from the victim in exchange for the decryption key. LockBit is part of the broader ransomware landscape and has gained notoriety for its sophisticated techniques and tactics.
LockBit had been involved in several high-profile attacks targeting various organizations. The ransomware operators often employ tactics such as double extortion tactic to encourage victims to pay, first, to regain access to their encrypted files and then to pay again to prevent their stolen data from being posted publicly. The threat to leak the stolen data if the ransom isn't paid, which adds an extra layer of pressure on the victims.
LockBit encrypts files with the “.lockbit” extension, restricting access to data.
LockBit is a supposed to be developed by Russia-linked ransomware group BitWise Spider. LockBit was one of the most prolific ransomware groups of 2022. The group also developed StealBit - Information stealer.
Modern EDR / XDR Solutions do prevent threats related to ransomware but constant up-keep is needed to stay ahead of the curve.