lockbit3 fs
Intelligence Profile
LockBit 3.0 ("LockBit Black"), active since June 2022, is the third iteration of the LockBit RaaS platform incorporating code from BlackMatter ransomware, featuring modular encrypted payloads that evade analysis and targeting Windows and VMware ESXi environments across all sectors globally.
Threat Analysis
lockbit3 fs is a ransomware operation that deploys encryption-based extortion against organizations globally. This group maintains a data leak site (DLS) to pressure victims into paying ransom demands.
Financially motivated threat actors like lockbit3 fs prioritize monetary gain through methods such as ransomware deployment, banking trojans, cryptocurrency theft, BEC scams, or credential harvesting for resale on underground markets.
Ransomware Victims (38)
CTIWATCH tracks 38 organizations claimed as victims by lockbit3 fs on its data leak site, with attack dates, sectors and countries.
View full victims list →