LockBit is a well-known name in ransomware threat group circles, an adversary that regularly reinvents itself to maintain effectiveness and increase its targeting capabilities. The group remains highly active, introducing new capabilities designed to improve speed, stealth, and effectiveness across enterprise environments.
In this webinar, LevelBlue SpiderLabs researchers present a deep technical analysis of LockBit 5.0, based on an in-depth study of 19 ransomware samples targeting Windows, Linux (LINUX Locker v1.06 / v1.08), and VMware ESXi (LINUX ESXi Locker v1.07).
It examines how the ransomware operates across platforms, how it encrypts data, evades analysis, and interacts with compromised systems, while highlighting the emerging tradecraft defenders should be watching for.
You'll learn about:
- Key technical changes introduced in LockBit 5.0
- Details on LockBit’s advanced anti-analysis and operational features
- Detection and hunting considerations based on observed behavior
