When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Malicious intent
The campaign also seems to be lacking personalization in terms of the phishing email itself.
Proofpoint says all of the emails are going out from the same address - Jenny@gsd[.
(Image Credit: TheDigitalArtist / Pixabay)
]com - the same address that was seen in malware campaigns as early as January 2023.
The attachment is a .ZIP archive with a .EXE file that, if triggered, drops LockBit 3.0.
This might limit its encryption potential, but also prevents any web connection detections and blocks.
LockBit is a known ransomware-as-a-service, with different versions circulating around the darknet.
Among the most popular versions are LockBit 2.0 and LockBit Green.
