• Image 01
  • Image 02
  • Image 03
  • Image 04
  • Image 05
  • Image 06
Need assistance? Contact Us: 1-800-255-5897

Menu

  • Home
  • About Us
    • Company Overview
    • Management Team
    • Board of Directors
  • Your Loan Service Center
  • MAKE A PAYMENT
  • Business Service Center
  • Contact Us
  • Home
  • About Us
    • Company Overview
    • Management Team
    • Board of Directors
  • Your Loan Service Center
  • MAKE A PAYMENT
  • Business Service Center
  • Contact Us
Recent Quotes
View Full List
My Watchlist
Create Watchlist
Indicators
DJI
Nasdaq Composite
SPX
Gold
Crude Oil
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

Swiss Company Dismantles Global-Scale CyberCrime Campaign, Saving Thousands of Enterprises

By: PRODAFT SARL via AccessWire
June 21, 2021 at 05:20 AM EDT

YVERDON-IES-BAINS, SWITZERLAND / ACCESSWIRE / June 21, 2021 / PRODAFT, a Switzerland-based cyber-security company has just published a report on the notorious LockBit 'ransomware' cybercrime operation. According to the firm's report; systems of more than 2100 enterprise victims were compromised and held hostage. Upon months of cyber-intelligence research, PRODAFT's team have not only de-anonymized the attackers, but also rescued most of the victimized systems.

As known, 'Ransomware' has become one of the most popular attack methods which relies on infiltrating enterprise systems, encrypting the data and taking all valuable files hostage. While most people experience these kind of attacks on a more personal and generic manner with their own personal devices; extremely-organized global scale cyber-crime groups also utilize similar techniques for conducting the same operation on a more skillful, professional and dangerous manner. In addition to making the data inaccessible, most of the attackers threaten to publish the victim's data unless the ransom is paid until a certain time ("Double Extortion").

While ransomware has been in use for decades, it has gained much popularity among cyber criminals in recent years due to the level of experience it requires to conduct such attacks and the easiness of using anonymous payment methods. It is expected that losses from ransomware attacks are likely to exceed $20 billion by 2021.

LockBit, according to researchers from PRODAFT, has been an excellent example for these advanced ransomware operations in recent years. According to Ege Balcı, PRODAFT's threat intelligence team lead, 'Lockbit can automatically scan a network for useful targets, spread the infection, and encrypt all computers that are available. This ransomware is used in very unique attacks against companies and other organizations.'

Researchers from PRODAFT has stated that they have come across the LockBit operation following a support request from one of their clients. Following analysis of different malware samples, it was possible for the experts to detect the command and control server, the headquarters of the global operation. Upon overcoming different technical challenges while analyzing the command and control server, PRODAFT's researchers have been able to unfold the entire operation, acquiring details about victim telemetry, money flow analysis, infrastructure analysis and of course, profit estimations.

Koryak UZAN, co-founder of PRODAFT states 'an average ransom, demanded from a victimized enterprise is around 85 thousand dollars. We have been able to access detailed chat logs between victims and criminals involving price negotiations. In some cases, we even detected that IT officers inside victim organizations were negotiating a secret share for themselves, acting on behalf of the criminals'.

It has been further indicated that, ransomware continues to be a top priority in the agenda of public institutions and law enforcement agencies. 'No More Ransomware' project of EUROPOL is an important example for this issue. Acting as a support hub for targeted organizations, 'No More Ransomware' is an initiative that enables companies like PRODAFT to assist law enforcement and other public bodies in their fight against ransomware.

Organizations who have been targeted by LockBit, and did not received their decryption key yet, can simply go to PRODAFT's web site or github page to check if their key has already been published.

Founded in 2012, PRODAFT is a Switzerland-based provider of Cyber Threat Intelligence and Cyber Security solutions. The Company primarily works with critical infrastructures including but not limited to banking institutions, payment gateways, large e-commerce vendors, insurance providers and telecommunication companies. Aside from its commercial activities, PRODAFT's public articles and case-reports are recognized and praised by different SOCs, CERTS, CSIRTS and Law Enforcement agencies from different parts of the globe.

Note: Additional information about the case can be found in the case report: 
https://www.prodaft.com/m/reports/LockBit_Case_Report___TLPWHITE.pdf

Additionally, ZDNET's coverage of this topic can be found here for reference: https://www.zdnet.com/article/a-deep-dive-into-the-operations-of-the-lockbit-ransomware-group/

Mr. Koryak UZAN
Co-Founder
koryak@prodaft.com

SOURCE: PRODAFT SARL



View source version on accesswire.com:
https://www.accesswire.com/652460/Swiss-Company-Dismantles-Global-Scale-CyberCrime-Campaign-Saving-Thousands-of-Enterprises

More News

View More
TransDigm’s Edge: From Spare Parts to Sky-High Profits
Today 8:47 EDT
Via MarketBeat
Topics Supply Chain
Tickers BA EADSY RTX SVT TDG
Spire Global: Tiny Satellites, Big Buy Ratings and Upside
September 06, 2025
Via MarketBeat
Tickers SPIR
Energy Fuels: Is This America's Most Strategic Stock?
September 06, 2025
Via MarketBeat
Topics Economy Supply Chain
Tickers UUUU
Silver and Gold Break Out—3 Names to Ride The Wave
September 06, 2025
Via MarketBeat
Topics ETFs
Tickers GLD HL IAU SPY
MarketBeat Week in Review – 09/01 - 09/05
September 06, 2025
Via MarketBeat
Topics Artificial Intelligence Economy
Tickers AFRM AMBA AMZN AVGO DELL GOOGL
Site Logo
Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.

Having difficulty making your payments? We're here to help! Call 1-800-255-5897

Copyright © 2019 Franklin Credit Management Corporation
All Rights Reserved
Contact Us | Privacy Policy | Terms of Use | Sitemap