As per the news, a well-known ransomware organization has said that it has successfully attacked cybersecurity firm Mandiant and will expose the firm’s files. LockBit claimed responsibility for this. Mandiant, on the other hand, completely disagrees. Since it was originally identified as ABCD ransomware in September 2019, LockBit 2.0, a ransomware-as-a-service variation that has claimed thousands of victims around the world, released a warning to its dark web domain Monday stating it will release Mandiant files late Monday. The page does not have a ransom demand.
A Mandiant spokesperson told that the corporation was aware of the allegations, but they now lack evidence to back up their assertions. They’ll keep an eye on the issue as it develops. Mandiant is a well-known name in the multibillion-dollar cybersecurity market. Google announced in March that it would purchase Mandiant for $5.4 billion and integrate it into Google Cloud. The LockBit 2.0 article from Monday didn’t specify which files the group allegedly took. Brett Callow, a threat analyst at cybersecurity firm Emsisoft who regularly monitors the ransomware environment, claimed the group has previously made several misleading claims.
As per the sources, Callow told that in some cases, it appeared they’d obtained data relating to Company A from an attack on Company B but claimed A as the victim. It’s also entirely possible that LockBit’s claims have no substance to them whatsoever. This may be the most likely explanation. On June 2, Mandiant published an analysis suggesting that Evil Corp., a long-running cybercrime group that the U.S. government sanctioned in 2019, had turned to use LockBit 2.0 ransomware to evade sanctions.
Furthermore, the Bulgarian governmental agency for refugees, the French Ministry of Justice, and Accenture, which was ultimately pursued a $50 million ransom by the organization, are among the previous LockBit 2.0 ransomware victims. The origins of the so-called SolarWinds hack were disclosed in a 2020 cyberattack on FireEye, Mandiant’s former parent firm. The hack would subsequently spread to include federal agencies and large IT corporations as victims.
