gwin 0 Posted May 15, 2023 Share Posted May 15, 2023 Hello everyone, on my region this variant ransomware is popular right now, this variant can infected multiple platform and this is very dangerous, because, I'm a worried about this type of ransomware threat, i know ESET abble to detection one of variant based on virus total.https://www.virustotal.com/gui/file/4800a67ceff340d2ab4f79406a01f58e5a97d589b29b35394b2a82a299b19745 But this one of variant lockbit 3.0 ? i dont know. is there any information related to ESET being able to detect variant Lockbit 3.0 such as information on the detection engine version and dates lauch or articles related to ESET having detected this variant. this data can use me and my team to push work hard to try defend more agresive on another scope, if ESET can detect this variant at long ago, I hope this article can also help others who need this information. thank you, Link to comment Share on other sites More sharing options...
hari.senen 3 Posted May 15, 2023 Share Posted May 15, 2023 check this one https://www.virustotal.com/gui/file/0d38f8bf831f1dbbe9a058930127171f24c3df8dae81e6aa66c430a63cbe0509/detection also check the community tab Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted May 15, 2023 Administrators Share Posted May 15, 2023 It is impossible for any security vendor to guarantee that any future versions of particular malware will be 100% detected. ESET has detected various variants of the LockBit ransomware since 2018 when it appeared for the first time. Link to comment Share on other sites More sharing options...
gwin 0 Posted May 15, 2023 Author Share Posted May 15, 2023 I know marcos, none 100% security vendor to abble guarantee detection and totally full protected of all possible objects, but this information can help anyone ESET user, to inform that the product they use can detect and protect against this type of ransomware, and try to see other aspects that are lacking to ward off this attack. thank you @Marcos Link to comment Share on other sites More sharing options...
itman 1,659 Posted May 15, 2023 Share Posted May 15, 2023 2 hours ago, hari.senen said: check this one https://www.virustotal.com/gui/file/0d38f8bf831f1dbbe9a058930127171f24c3df8dae81e6aa66c430a63cbe0509/detection also check the community tab Based on VT results, looks like everyone detects Lockbit 3 ransomware. Link to comment Share on other sites More sharing options...
itman 1,659 Posted May 15, 2023 Share Posted May 15, 2023 (edited) FYI - latest Lockbit version is named "Green" which is targeting; Quote underground researchers noticed that the LockBit gang has modified their VMware ESXI ransomware variant. It is an enterprise-class, type-1 hypervisor developed by VMware for deploying and serving virtual machines. https://cybernews.com/security/lockbit-ransomware-gang-releases-lockbit-green-version/ Also of note is; Quote The behavior of the LockBit administrators was obviously unacceptable to the developer, who decided to leak the source code of LockBit 3.0. Which accounts for almost all security products being able to detect it. Edited May 15, 2023 by itman Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted May 15, 2023 Administrators Share Posted May 15, 2023 27b8ee04d9d59da8e07203c0ab1fc671215fb14edb35cb2e3122c1c0df83bff8 - a variant of Win32/Filecoder.Lockbit.P trojan 45c317200e27e5c5692c59d06768ca2e7eeb446d6d495084f414d0f261f75315 - a variant of Win32/Filecoder.Lockbit.Q trojan b3ea0f4f442da3106c0d4f97cf20e244b84d719232ca90b3b7fc6e59e37e1ca1 - a variant of Win64/Filecoder.Lockbit.A trojan fb49b940570cfd241dea27ae768ac420e863d9f26c5d64f0d10aea4dd0bf0ce3 - a variant of Win64/GenKryptik.FSFZ trojan Link to comment Share on other sites More sharing options...
Recommended Posts