LockBit claims ransomware attack on security giant Entrust

The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust.

Last month, BleepingComputer broke the story that Entrust suffered a ransomware attack on June 18th, 2022.

While Entrust confirmed to BleepingComputer that they suffered a cyberattack and that data was stolen from internal systems, they would not confirm that it was a ransomware attack.

"We have determined that some files were taken from our internal systems. As we continue to investigate the issue, we will contact you directly if we learn information that we believe would affect the security of the products and services we provide to your organization," Entrust told BleepingComputer last month.

However, AdvIntel CEO Vitali Kremez told BleepingComputer at the time that a well-known ransomware gang had attacked Entrust after purchasing access to the corporate network through "network access sellers." 

LockBit claims attack on Entrust

Today, security researcher Dominic Alvieri told BleepingComputer that LockBit had created a dedicated data leak page for Entrust on their website, stating that they would publish all of the stolen data tomorrow evening.

Entrust page on the LockBit data leak site
Source: BleepingComputer

When ransomware gangs publish data on their data leak sites, they usually leak data over time to scare the victim into returning to the negotiation table.

As LockBit states that they will publish all data, it indicates that Entrust has not negotiated with the ransomware operation or refuses to give in to their demands.

BleepingComputer has reached out to Entrust for further confirmation on the LockBit attack but has not heard back at this time.

However, LockBit claiming of the attack supports what sourced had previously told BleepingComputer about who was responsible.

LockBit is considered one of the most active ransomware operations at this time, with its public-facing operation 'LockBitSupp' actively engaging with threat actors and cybersecurity researchers.

In June, LockBit 3.0 was released with new encryptors based on the BlackMatter source code, new payment options, new extortion strategies, and the first ransomware bug bounty program.

Due to its ongoing adoption of new tactics, technology, and payment methods, it is vital for security and network professionals to stay up to date on the evolution of the operation and its TTPs.