May 30, 2026
C2 Hosts: 6
LockBit
Also known as: ABCD Ransomware
C2 Infrastructure
Hosting/VPS 76%
Business 12%
sinkhole 6%
Unknown 6%
Last 7 days
May 29, 2026
C2 Hosts: 26
May 28, 2026
C2 Hosts: 1
May 24, 2026
C2 Hosts: 1
| Date | C2 Hosts |
|---|---|
| May 30, 2026 | 6 |
| May 29, 2026 | 26 |
| May 28, 2026 | 1 |
| May 24, 2026 | 1 |
Further Reading
C.A.S hacktivists attack Russian organizations using rare RATs
Kaspersky experts analyze attacks by C.A.S, a cybergang that uses uncommon remote access Trojans and posts data about victims in public Telegram channels.
securelist.com
Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware - The DFIR Report
Key Takeaways Case Summary This intrusion began near the end of January 2024 when the user downloaded and executed a file using the same name (setup_wm.exe) and executable icon, as the legitimate M...
thedfirreport.com
March 2023 broke ransomware attack records with 459 incidents
March 2023 was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, an increase of 91% from the previous month and 62% compared to March 2022.
bleepingcomputer.com
The Week in Ransomware - April 1st 2022 - 'I can fight with a keyboard'
While ransomware is still conducting attacks and all companies must stay alert, ransomware news has been relatively slow this week. However, there were still some interesting stories that we outlin...
bleepingcomputer.com
Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself | Microsoft Security Blog
Microsoft coined the term “human-operated ransomware” to clearly define a class of attack driven by expert human intelligence at every step of the attack chain and culminate in intentional business...
microsoft.com
Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself | Microsoft Security Blog
Microsoft coined the term “human-operated ransomware” to clearly define a class of attack driven by expert human intelligence at every step of the attack chain and culminate in intentional business...
microsoft.com
NullBulge | Threat Actor Masquerades as Hacktivist Group Rebelling Against AI
Actors are masquerading as hacktivists targeting AI-centric communities with commodity malware and customized LockBit payloads.
sentinelone.com
Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of and our investigation into a campaign that uses both to deliver the Loc...
trendmicro.com
New LockBit 5.0 Targets Windows, Linux, ESXi
Trend™ Research analyzed source binaries from the latest activity from notorious LockBit ransomware with their 5.0 version that exhibits advanced obfuscation, anti-analysis techniques, and seamless...
trendmicro.com
LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups: Ransomware in Q1 2022 | Trend M...
This report delves into the ransomware threat landscape of the first quarter of 2022, with a focus on the three most successful ransomware families and the types of industries and organizations tha...
trendmicro.com
Ransomware Spotlight: LockBit | Trend Micro (US)
The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today. With LockBit’s strong malware capabilities and affiliate program, organiza...
trendmicro.com
Ransomware hits helicopter maker Kopter
Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
zdnet.com
Il polo italiano della Cyber Security
Costruiamo un digitale sicuro, insieme. Sicurezza, Resilienza, Innovazione Tinexta Cyber è una delle principali realtà italiane nel campo della cybersecurity e della system integration, parte del G...
yoroi.company