Skip to content
Ransomware group

CryptBB

CryptBB is a separately named ransomware operation that has used payloads produced with the leaked LockBit 3.0 builder.

Profile source: MBSD opens in a new tab

CryptBB

Family profile

CryptBB is a separately named ransomware operation that has used payloads produced with the leaked LockBit 3.0 builder. Its LockBit lineage is retained as context rather than treating CryptBB as a LockBit alias.

Ransomware.live

Operational record

View group record ↗

Reporting

Research mentioning CryptBB

Jul 16
Register Security

Brit Scattered Spider duo handed tickets to prison over Transport for London attack

The NCA said the investigation that led to today's sentencing was perhaps even more complicated than Operation Chronos, which crippled the once-dominant LockBit ransomware group.

Jul 14
Chainalysis

“Stern” Ransomware Operator Sanctioned by EU

Media Land LLC, a bullet-proof hosting provider that has facilitated ransomware operations including LockBit, EvilCorp, and BlackBasta since 2016...

Jul 14
Gurucul Threat Research

ClickFix: Exploiting Compromised WordPress Sites with a Polygon-Based C2 Infrastructure | Community Portal | Gurucul

Lockbit6

Jul 13
Itsecurityguru

UK Cyber Attacks Climb 34% as Ransomware Leadership Shifts, Check Point Research Reveals - IT Security Guru

LockBit also surged, rising from 1% of published attacks in May to 7% in June, making it the third most prevalent group.

Jul 11
Cyberveille

Accenture confirme une violation de données : 35 Go de code source et clés volés | CyberVeille

Accenture had also suffered a LockBit ransomware attack in 2021 with data exfiltration.

Jul 10
Threataft

Ransomware Gangs Use PsExec + NirSoft to Own Your Network Before You Notice | ThreatAft

The consistent use of PsExec for lateral movement and NirSoft utilities for credential theft across multiple ransomware families — including GodDamn, Qilin, RansomHub, Royal, Akira, LockBit, and Makop — represents a predictable attack pattern.

Jul 9
Cyber Security News

Accenture Confirms Data Breach - Hacker Claims Theft of Internal Source Code

Separately, Accenture was hit by the LockBit ransomware gang in August 2021, when attackers claimed to have stolen over 6TB of data and demanded a $50 million ransom.

Jul 8
Security Affairs

A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach

In 2021, the LockBit ransomware gang hit Accenture and stole data from its systems.

We appreciate you

Derp wouldn't exist without the work these projects do for the security community. We rely on their data sources to improve the quality and depth of what we publish. Thank you, we're genuinely grateful.