Blog
53
Сlarity and Trust – We take pride in being the site where you can feel free to express your opinion and leave feedback. Whenever you click on the websites of products reviewed by us, we participate in the revenue sharing and get commissions that help us maintain our project. Read more about how we work.

Grouping LockBit Announced the Hacking of the Information Security Company Mandiant

Now Reading
Grouping LockBit Announced the Hacking of the Information Security Company Mandiant

Contents
LockBit announced the Mandiant hack

On the website of the hack group LockBit, a message appeared in which hackers announced that Mandiant had been hacked and threatened to publish 356,841 files allegedly stolen from the information security company. It seems that the attackers did not like that in a recent study, Mandiant specialists linked their activities to the operations of Evil Corp.

Let me remind you that we also wrote that Attackers hacked cybersecurity company Qualys through Accellion FTA.

Bleeping Computer writes that LockBit did not report exactly which files were stolen from Mandiant systems, and the list of files on the leak page was empty. However, it showed a file named mandiantyellowpress.com.7z with a size of 0 bytes, which appeared to be associated with the domain mandiantyellowpress[.]com (registered yesterday). Visiting this page redirected to ninjaflex[.]com.

LockBit announced the Mandiant hack

When the publication reached out to Mandiant for comment, the company said it was already investigating the incident, but so far found no signs of hacking.

Mandiant is aware of these statements related to LockBit. At the moment we have no evidence to support their claims. We will continue to monitor the development of the situation.the company said.

Now that the “leak” has been made public, it has become clear that the hackers did not seem to have stolen anything, but are trying in a very original way to refute the recent Mandiant study, in which experts linked LockBit to the operations of Evil Corp.

Let me remind you that, according to experts, now Evil Corp is acting as one of the “partners” of LockBit, thus trying to evade US sanctions, as well as save resources and time to develop their own malware.

LockBit announced the Mandiant hack

Apparently, LockBit fears loss of income and the fact that their victims will stop paying ransoms, since Evil Corp is under sanctions.

I was very surprised to read tabloid news on Twitter. Mandiant.com are not professionals. Any scripts and tools for attacks are in the public domain and can be used by any hacker on the planet, most of the attack methods are described on the forums, on GitHub and Google, and the fact that someone uses similar tools cannot be proof that the attacks were carried out by the same people. Our group has nothing to do with Evil Corp. We are real underground darknet hackers, we have nothing to do with politics or intelligence agencies like the FSB, the FBI and so on.LockBit hackers said.
Mandiant reviewed the data disclosed by LockBit. Judging by the published data, there is no indication that the Mandiant information was disclosed, rather, the attackers are trying to refute a research post on the Mandiant blog dated June 2, 2022, dedicated to the connection of UNC2165 and LockBit.Mandiant comments.

You might also be interested in our post on Mandiant M-Trends 2022: Companies significantly improved cyberthreat detection time.

What's your reaction?
Love It
0%
Like It
0%
Want It
0%
Had It
0%
Hated It
0%
Posted In
Blog
Tags
Evil Corp, hackers, LockBit, Mandiant
, , ,
About The Author
Vladimir Krasnogolovy
Comments
Leave a response

Leave a Response