LockBit: Perbedaan antara revisi
Konten dihapus Konten ditambahkan
Dibuat dengan menerjemahkan halaman "LockBit" Tag: halaman dengan galat kutipan kemungkinan perlu pemeriksaan terjemahan Terjemahan Konten Terjemahan Konten v2 ContentTranslation: High unmodified machine translation usage |
Juanjuhana (bicara | kontrib) Fitur saranan suntingan: 3 pranala ditambahkan. Tag: halaman dengan galat kutipan VisualEditor Suntingan perangkat seluler Suntingan peramban seluler Tugas pengguna baru Disarankan: tambahkan pranala |
||
(3 revisi perantara oleh 2 pengguna tidak ditampilkan) | |||
Baris 1:
[[Berkas:Hacker-3342696 1920-1024x788.jpg|al=Ilustrasi Peretas LockBit|jmpl|Ilustrasi Peretas LockBit]]
'''LockBit''' adalah kelompok [[Kejahatan siber|penjahat dunia maya]] yang mengusulkan ransomware sebagai layanan (RaaS). Perangkat lunak yang dikembangkan oleh kelompok tersebut (juga disebut [[Perangkat pemeras|ransomware]]) memungkinkan aktor jahat yang bersedia membayar untuk menggunakannya untuk melakukan serangan dengan dua taktik di mana mereka tidak hanya [[Enkripsi|mengenkripsi]] data korban dan meminta pembayaran [[Tebusan|uang tebusan]], tetapi juga mengancam akan [[Kebocoran Internet|membocorkannya]] ke publik, jika tuntutan mereka tidak dipenuhi.<ref name=":0">{{Cite web|title=Ransomware Spotlight: LockBit|url=https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-lockbit|website=Trendmicro|archive-url=https://web.archive.org/web/20230707171309/https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-lockbit|archive-date=2023-07-07|access-date=2023-07-07|url-status=live}}</ref>
Baris 38 ⟶ 6:
Di Amerika Serikat antara Januari 2020 dan Mei 2023, LockBit digunakan dalam sekitar 1.700 serangan ransomware, dengan [[Dolar Amerika Serikat|US$]] 91 juta dibayarkan sebagai tebusan kepada peretas.<ref name=":3">{{Cite web|date=2023-06-14|title=Understanding Ransomware Threat Actors: LockBit|url=https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a|publisher=CISA|archive-url=https://web.archive.org/web/20231125143837/https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a|archive-date=2023-11-25|access-date= 2023-11-25|url-status=live}}</ref>
Instansi pemerintah tidak secara formal mengaitkan kelompok tersebut dengan negara bangsa mana pun.<ref>{{Cite news|last=Siddiqui|first=Zeba|last2=Pearson|first2=James|last3=Pearson|first3=James|date=2023-11-10|title=Explainer: What is Lockbit? The digital extortion gang on a cybercrime spree|url=https://www.reuters.com/technology/cybersecurity/what-is-lockbit-digital-extortion-gang-cybercrime-spree-2023-11-10/|work=Reuters|language=en|archive-url=https://web.archive.org/web/20231125143836/https://www.reuters.com/technology/cybersecurity/what-is-lockbit-digital-extortion-gang-cybercrime-spree-2023-11-10/|archive-date=2023-11-25|access-date=2023-11-25|url-status=live}}</ref> Software dengan nama "LockBit" muncul di forum kejahatan dunia maya berbasis [[bahasa Rusia]] pada Januari 2020.<ref name=":3">{{Cite web|date=2023-06-14|title=Understanding Ransomware Threat Actors: LockBit|url=https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a|publisher=CISA|archive-url=https://web.archive.org/web/20231125143837/https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a|archive-date=2023-11-25|access-date= 2023-11-25|url-status=live}}<cite class="citation web cs1" data-ve-ignore="true">[https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a "Understanding Ransomware Threat Actors: LockBit"]. CISA. 2023-06-14. [https://web.archive.org/web/20231125143837/https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a Archived] from the original on 2023-11-25<span class="reference-accessdate">. Retrieved <span class="nowrap">2023-11-25</span></span>.</cite></ref> Kelompok ini mempunyai motivasi finansial.<ref name=":2">{{Cite news|last=Tunney|first=Catharine|date=February 3, 2023|title=Intelligence agency says ransomware group with Russian ties poses 'an enduring threat' to Canada|url=https://www.cbc.ca/news/politics/cse-lockbit-threat-1.6734996|work=[[Canadian Broadcasting Corporation]]|archive-url=https://web.archive.org/web/20231125140916/https://www.cbc.ca/news/politics/cse-lockbit-threat-1.6734996|archive-date=November 25, 2023|access-date=November 25, 2023|url-status=live}}<cite class="citation news cs1" data-ve-ignore="true" id="CITEREFTunney2023">Tunney, Catharine (February 3, 2023). [https://www.cbc.ca/news/politics/cse-lockbit-threat-1.6734996 "Intelligence agency says ransomware group with Russian ties poses 'an enduring threat' to Canada"]. ''[[CBC|Canadian Broadcasting Corporation]]''. [https://web.archive.org/web/20231125140916/https://www.cbc.ca/news/politics/cse-lockbit-threat-1.6734996 Archived] from the original on November 25, 2023<span class="reference-accessdate">. Retrieved <span class="nowrap">November 25,</span> 2023</span>.</cite></ref>
Pada bulan Februari 2024 lembaga penegak hukum menguasai situs [[web gelap]] LockBit yang digunakan untuk serangan.<ref name="tr-lockbit-ransomware-gang-disrupted">{{Cite news|last=Sharwood|first=Simon|date=2024-02-20|title=LockBit ransomware gang disrupted by global operation|url=https://www.theregister.com/2024/02/20/lockbit_down_operation_cronos/|work=[[The Register]]|archive-url=https://web.archive.org/web/20240221022912/https://www.theregister.com/2024/02/20/lockbit_down_operation_cronos/|archive-date=2024-02-21|access-date=2024-02-21|url-status=live}}</ref><ref name="tr-cops-turn-lockbit-ransomware-gangs-countdown-timers-against-them">{{Cite news|last=Jones|first=Conor|date=2024-02-20|title=Cops turn LockBit ransomware gang's countdown timers against them|url=https://www.theregister.com/2024/02/20/nca_lockbit_takedown/|work=[[The Register]]|archive-url=https://web.archive.org/web/20240221022912/https://www.theregister.com/2024/02/20/nca_lockbit_takedown/|archive-date=2024-02-21|access-date=2024-02-21|url-status=live}}</ref> Namun, serangan lebih lanjut dengan ransomware LockBit kemudian dilaporkan, dan kelompok tersebut berusaha untuk melakukan serangan balik.<ref name="postseize">{{Cite web|last=Gatlan|first=Sergiu|date=22 February 2024|title=ScreenConnect servers hacked in LockBit ransomware attacks|url=https://www.bleepingcomputer.com/news/security/screenconnect-servers-hacked-in-lockbit-ransomware-attacks|website=BleepingComputer|archive-url=https://web.archive.org/web/20240223104453/https://www.bleepingcomputer.com/news/security/screenconnect-servers-hacked-in-lockbit-ransomware-attacks/|archive-date=23 February 2024|access-date=23 February 2024|quote=despite the law enforcement operation against LockBit, it seems as though some affiliates are still up and running.|url-status=live}}</ref><ref>{{Cite web|title=Latest LockBit news|url=https://www.bleepingcomputer.com/tag/lockbit/|website=BleepingComputer|archive-url=https://web.archive.org/web/20240221095339/https://www.bleepingcomputer.com/tag/lockbit/|archive-date=21 February 2024|access-date=23 February 2024|url-status=live}} Developments added as they happen; latest 22 February 2024</ref>
Baris 76 ⟶ 44:
Pada bulan Juli 2022, layanan administrasi dan manajemen [[La Poste|La Poste Mobile]] diserang.<ref>{{Cite web|date=2022-07-08|title=Qui est LockBit 3.0, le cyber-rançonneur de La Poste Mobile ?|url=https://www.latribune.fr/technos-medias/informatique/qui-est-lockbit-3-0-le-cyber-ranconneur-de-la-poste-mobile-925065.html|website=La Tribune|language=fr|archive-url=https://web.archive.org/web/20230604135824/https://www.latribune.fr/technos-medias/informatique/qui-est-lockbit-3-0-le-cyber-ranconneur-de-la-poste-mobile-925065.html|archive-date=2023-06-04|access-date=2023-07-21|url-status=live}}</ref>
Pada bulan September 2022, peretas kelompok tersebut mengklaim melakukan serangan siber terhadap 28 organisasi, 12 di antaranya melibatkan organisasi [[Prancis]]. <ref>{{Cite web|last=Bodnar|first=Bogdan|date=2022-09-14|title=Les hackers de l'hôpital de Corbeil-Essonnes revendiquent 12 cyberattaques d'organismes français|url=https://www.numerama.com/cyberguerre/1112220-les-hackers-de-lhopital-en-essonne-revendiquent-12-attaques-dorganismes-francais.html|website=Numerama|language=fr-FR|archive-url=https://web.archive.org/web/20220915194649/https://www.numerama.com/cyberguerre/1112220-les-hackers-de-lhopital-en-essonne-revendiquent-12-attaques-dorganismes-francais.html|archive-date=2022-09-15|access-date=2023-07-21|url-status=live}}</ref> Diantaranya, rumah sakit [[Corbeil-Essonnes|Corbeil Essonnes]] menjadi sasaran permintaan tebusan sebesar US$10 juta.<ref>{{Cite news|date=2022-09-25|title=Cybercriminalité : l'hôpital de Corbeil-Essonnes refuse de payer la rançon, les hackeurs ont commencé à diffuser des données|url=https://www.lemonde.fr/pixels/article/2022/09/25/cybercriminalite-l-hopital-de-corbeil-essonnes-refuse-de-payer-la-rancon-les-hackeurs-ont-commence-a-diffuser-des-donnees_6143112_4408996.html|work=Le Monde|language=fr|archive-url=https://archive.today/20240320044808/https://www.lemonde.fr/pixels/article/2022/09/25/cybercriminalite-l-hopital-de-corbeil-essonnes-refuse-de-payer-la-rancon-les-hackeurs-ont-commence-a-diffuser-des-donnees_6143112_4408996.html|archive-date=2024-03-20|access-date=2023-07-21|url-status=live}}</ref>
Pada bulan Oktober 2022, kelompok LockBit mengaku bertanggung jawab atas serangan terhadap Pendragon PLC, sekelompok pengecer otomotif di Inggris, menuntut uang tebusan sebesar US$60 juta untuk mendekripsi file dan tidak membocorkannya; pihak perusahaan menyatakan bahwa mereka menolak permintaan tersebut.<ref>{{Cite web|date=24 October 2022|title=Pendragon car dealer refuses $60 million LockBit ransomware demand|url=https://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/|website=BleepingComputer|archive-url=https://web.archive.org/web/20230602235935/https://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/|archive-date=2 June 2023|access-date=21 July 2023|url-status=live}}</ref>
Pada 31 Oktober 2022, kelompok hacker LockBit mengaku telah menyerang Thales Group untuk kedua kalinya dan tidak meminta uang tebusan, namun menyatakan bahwa datanya akan dirilis. Kelompok peretas menawarkan bantuan kepada pelanggan Thales yang terkena dampak pencurian tersebut, untuk mengajukan pengaduan terhadap Thales, sebuah kelompok "yang sangat mengabaikan aturan kerahasiaan". <ref>{{Cite web|date=2022-10-31|title=INFO FRANCEINFO. Un groupe de hackers revendique une cyberattaque contre Thales|url=https://www.francetvinfo.fr/internet/securite-sur-internet/cyberattaques/info-franceinfo-un-groupe-de-hackers-revendique-une-cyberattaque-contre-thales_5450623.html|website=Franceinfo|language=fr-FR|archive-url=https://web.archive.org/web/20230413024830/https://www.francetvinfo.fr/internet/securite-sur-internet/cyberattaques/info-franceinfo-un-groupe-de-hackers-revendique-une-cyberattaque-contre-thales_5450623.html|archive-date=2023-04-13|access-date=2023-07-21|url-status=live}}</ref> Pada 10 November 2022, grup LockBit 3.0 menerbitkan di darknet versi 9.5 Arsip GB dengan informasi curian mengenai kontrak Thales di [[Italia]] dan Malaysia.<ref>{{Cite web|date=2022-11-11|title=Cybersécurité : des données volées à Thales publiées sur le darkweb|url=https://www.lefigaro.fr/secteur/high-tech/cybersecurite-des-donnees-volees-a-thales-publiees-sur-le-darkweb-20221111|website=Le Figaro|language=fr|archive-url=https://web.archive.org/web/20230721194422/https://www.lefigaro.fr/secteur/high-tech/cybersecurite-des-donnees-volees-a-thales-publiees-sur-le-darkweb-20221111|archive-date=2023-07-21|access-date=2023-07-21|url-status=live}}</ref><ref>{{Cite news|date=2022-11-11|title=Thales : Lockbit diffuse des données volées, l'entreprise dément toute intrusion dans son système|url=https://www.lemonde.fr/pixels/article/2022/11/11/thales-lockbit-diffuse-des-donnees-volees-l-entreprise-dement-toute-intrusion-dans-son-systeme_6149491_4408996.html|work=Le Monde|language=fr|archive-url=https://web.archive.org/web/20230721003710/https://www.lemonde.fr/pixels/article/2022/11/11/thales-lockbit-diffuse-des-donnees-volees-l-entreprise-dement-toute-intrusion-dans-son-systeme_6149491_4408996.html|archive-date=2023-07-21|access-date=2023-07-21|url-status=live}}</ref>
Pada November 2022, OEHC - [[Office d'Équipement Hydraulique de Corse]] - menjadi korban serangan siber yang mengenkripsi data komputer perusahaan. Permintaan tebusan diajukan oleh kelompok peretas, namun OEHC tidak menanggapinya.<ref>{{Cite web|date=2022-11-16|title=Cyberattaque : L'OEHC refuse de négocier, et promet un retour à la normale le plus rapidement possible|url=https://france3-regions.francetvinfo.fr/corse/haute-corse/bastia/cyberattaque-l-oehc-refuse-de-negocier-et-promet-un-retour-a-la-normale-le-plus-rapidement-possible-2656560.html|website=France 3 Corse ViaStella|language=fr-FR|archive-url=https://web.archive.org/web/20221203210151/https://france3-regions.francetvinfo.fr/corse/haute-corse/bastia/cyberattaque-l-oehc-refuse-de-negocier-et-promet-un-retour-a-la-normale-le-plus-rapidement-possible-2656560.html|archive-date=2022-12-03|access-date=2023-07-21|url-status=live}}</ref>
Baris 140 ⟶ 108:
Pada bulan Juni 2024, LockBit mengaku bertanggung jawab atas pelanggaran besar terhadap Evolve Bank & Trust,<ref>{{Cite web|last=Xie|first=Teresa|last2=Gorrivan|first2=Charles|date=2024-06-26|title=Evolve Bank & Trust Confirms Data Was Stolen in Cyber Attack|url=https://www.bloomberg.com/news/articles/2024-06-26/evolve-bank-trust-confirms-its-data-was-stolen-in-cyber-attack|website=Bloomberg|access-date=2024-06-27}}</ref> bank mitra dari banyak perusahaan teknologi keuangan termasuk [[Stripe, Inc.|Stripe]], Mercury, Affirm, dan Airwallex.<ref>{{Cite web|last=|date=2024-06-26|title=FinTech Banking Partner Evolve Bancorp Hit by Major Ransomware Attack|url=https://www.pymnts.com/cybersecurity/2024/fintech-banking-partner-evolve-bancorp-hit-by-major-ransomware-attack/|website=PYMNTS.com|language=en-US|access-date=2024-06-27}}</ref> Kelompok ini mengancam akan membocorkan data dari [[Federal Reserve System|Federal Reserve AS]], namun data yang bocor tersebut tampaknya datang langsung dari Evolve, bukan Federal Reserve.<ref>{{Cite web|last=Croft|first=Daniel|date=2024-06-26|title=LockBit lies about US Federal Reserve data, publishes alleged Evolve Bank data|url=https://www.cyberdaily.au/security/10745-lockbit-lies-about-us-federal-reserve-data-publishes-alleged-evolve-bank-data|website=www.cyberdaily.au|language=en|access-date=2024-06-27}}</ref>
Lockbit 3.0 disebut-sebut dalam kasus pembobolan Pusat Data Nasional (PDN) dengan modus ransomware yang memakan korban 210 instansi. Sebelumnya, Pusat Data Nasional Sementara (PDNS) 2 di Surabaya mengalami gangguan sejak 20 Juni. Beberapa layanan publik, termasuk imigrasi, lumpuh. "Insiden pusat data sementara ini adalah serangan siber dalam bentuk ransomware dengan nama braincipher ransomware," ujar Hinsa Siburian, Kepala Badan Siber dan Sandi negara (BSSN).<ref>{{Cite web|date=2024-06-24|title=Mengenal Lockbit 3.0 yang Ada di Balik Peretasan PDNS|url=https://www.cnnindonesia.com/teknologi/20240624142037-192-1113438/mengenal-lockbit-30-yang-ada-di-balik-peretasan-pdns|website=www.cnnindonesia.com|language=id|access-date=2024-07-13}}</ref>
== Referensi ==
Baris 145 ⟶ 115:
{{Reflist|32em}}
{{Peretasan pada tahun 2020-an}}
[[Kategori:Kelompok peretas]]
|