Thailand’s second-largest hypermarket operator, the Big C was allegedly targeted by the LockBit ransomware group. The Big C Thailand cyberattack post on LockBit’s leak site has a deadline of April 27 on it. Post the deadline, the ransomware group has threatened to leak the stolen data.
Details about the alleged Big C Thailand cyberattack
With a brief introduction about the Thailand-based grocery and general merchandising retailer, the LockBit ransomware group wrote that all the available data will be published, understandably if the ransom demands were not met.
The data leak will likely be made after 07:10:14 UTC according to the LockBit threat posted on its leak site. The website post the alleged Big C Thailand cyberattack was fully functional at the time of writing.
Big C Thailand cyberattack: LockBit ransomware group and its series of attacks
LockBit ransomware group has remained among the top of all ransomware groups in terms of the number of attacks launched so far. Besides the alleged Big C Thailand cyberattack, the group has made nearly 1,716 attacks.
The LockBit 3.0 or LockBit Black demands an average ransom amount of $85,000 per target, read a HIPAA Journal report. The group functioning as a ransomware-as-a-service changed its name several times all while working on its ransomware. The group’s ransomware versions changed from LockBit 2.0 in 2021 to LockBit 3.0 in June 2022.
According to an Infosecurity report, the LockBit ransomware group launched nearly 44% of all ransomware attacks in 2022. Closely followed the Conti ransomware group with 23% of all ransomware attacks.
The LockBit ransomware group gains initial access to target’s system using phishing links, exploiting zero-day vulnerabilities and unpatched bugs, and buying access from brokers.
The financially motivated ransomware group was found to use several data exfiltration tools including Stealbit, rclone, and MEGA.
LockBit and Apple devices
The group’s avarice to creep into macOS devices after attacking numerous Windows and Linux devices may not go as planned, researchers argue. This is because of the security measures put in place on macOS devices.
The ‘locker_Apple_M1_64’ malware aimed to target macOS devices was detected on April 15th. Its file has an extension of .lockbit and it is a type of cryptovirus. It is designed to encrypt macOS device system files and rename them with the said extension.
It was launched on targeted systems using spam emails and infected email attachments. It was found that the locker_Apple_M1_64 was a work in progress with several loopholes which leads to its detection.
It is suspected that the malware was initially designed to target Windows however, was later modified to test on macOS instead. Researchers are suggesting that Apple developers create another layer of security besides the ones present for the sake of security in the wake of malware created to target them.