While they continue to steal data from well-known companies and list their names on LockBit’s leak site, operators are enjoying their success. One of the main causes of this is due to the strategies and methods used by the gang, one of which is an evasion tradecraft that researchers have become aware of.
Recently, Lockbit was employed in a drive to get around the Mark of The Web (MOTW) security measure. Researchers from Fortinet noted that during a campaign between December and January, LockBit operators employed a variety of evasion strategies.