3 November 2022

An interview with the LOCKBIT group

The hacking of THALES? Of CONTINENTAL?
For those who want to learn more about this group specializing in ransomware!

 

Source: vx-underground

* In this interview this person will be identified as LB0 (Lockbit administrator, founding member)
* vx-underground conducted this interview over TOX
	- Text and grammar have been modified to improve legibility


смелли: 		When did you start Lockbit and why?
LB0: 			Lockbit was founded September 3rd, 2019. Other groups were autistic or drug addicts.

смелли: 		Hahahaha. So, was this your first ransomware group? Or were you a veteran of the ransomware scene?
LB0:			I am a veteran.

смелли:			How'd you come up with the name Lockbit? It's a cool name
LB0:			Normal logic, lock and byte, lock byte [sic]

смелли:			Did you start Lockbit by yourself? Or did you have a team?
LB0:			I had a team. I'm the boss. Lockbit 1.0 was not created alone. Currently our team has over 10 members which includes pentesters,
			developers, money launderers, testers, and negotiators.

смелли:			You mentioned other competitors were drug addicts. Is substance abuse an issue in ransomware groups?
LB0:			Yes, cocaine or marijuana. I use drugs, but in very reasonable quantities and in rare occasion

смелли:			Understood. Well, is the current Lockbit team still present in Lockbit 3.0?
LB0:			Yes, people very rarely leave. If they do leave, I find and recruit.

смелли:			Do you ever see internal conflicts in the group? How do you manage that?
LB0:			If I see that the person behaves inadequately and does not correct himself, then I fire such a person or create conditions under 
			which he leaves on his own.
			
смелли:			Do you ever hire outside of your team? Like contractors?
LB0:			Naturally, I hire different specialists for any work. I can't do everything with my own hands. In fact, I am a manager.

смелли:			This is a lot of work. Are you stressed from running the largest cyber cartel in history?
LB0:			I don't have any stress, I love my job, it's a lot of fun. I love when I have 5 stars and helicopters like 
			in GTA, I have fun.
			
смелли:			Your group is extremely active, how many affiliates do you have?
LB0:			No more than 100 people at the moment. My dream is 300 partners like 300 Spartans. In my blog there is a detailed description of how to 
			become a partner, it can become any person from the planet earth and even aliens. 
			http://lockbitapt2d73krlbewgv27tquljgxr33xbwwsp6rkyieto7u4ncead.onion/rules
			
смелли:			Regarding affiliates, you mentioned you have over 100... do you ban affiliates? Do affiliates know each other? Do you have a chatroom?
LB0:			No, we don't have a chatroom. If someone wants to share they're a partner, they can do so. As far as banning affiliates - I do regular 
			purges and block those who are not active.

смелли:			Do you ever reward affiliates for being active or doing big ransoms?
LB0:			The best reward for my partners is a stable platform to work with an impeccable reputation, the fourth year of stability what could be better?

смелли:			Do you negotiate for affiliates? Or do they do it themselves?
LB0:			I negotiate personally, for an increased percentage, the usual percentage is 20%, but if the negotiations are conducted by me personally, 
			the percentage ranges from 30 to 50% depending on the complexity and effectiveness of the negotiations.
			
смелли:			Have you seen a decrease of affiliates since the beginning of the Russian / Ukrainian conflict?
LB0:			Yes I observe, 1-20% of the partners have gone to other countries to avoid being mobilized, the FBI has a great opportunity to 
			catch someone who is not watching their anonymity and not quality laundering of money obtained by criminal means.
			
смелли:			Do you ever casually talk with affiliates or consider them your friends?
LB0:			Every partner is my friend) 
			
смелли:			Regarding affiliates, people have discussed the difficulty of cashing out ransoms. Is it hard?
LB0:			I don't believe it, it's very simple.

смелли:			What really? It's easy to cash out?
LB0:			There's nothing easier than cashing out, it's the easiest thing in my job. Just transfer the money to Chinese exchangers, from there 
			to another exchange, then to drop *** cards. You send the *** to the ATM and they bring you the cash.
			
смелли:			How do *** get the crypto on a card?
LB0:			There are a lot of online services, from cryptocurrency exchanges to exchangers and localbitcoins. I always use different ways 
			to blend in with the crowd.

смелли:			You trust ***?
LB0:			I don't trust ***, but if you cash out long over several years and in small installments there is no problem.

смелли: 		Where do you find ***? Forums?
LB0:			Yes

смелли:			... Do you meet them in person?
LB0:			Yes

смелли:			Do these money mules know you're the leader of Lockbit?
LB0:			No lol they think I'm just some random hacker

смелли:			Wow. How much cash do you have these mules move?
LB0:			1000-7000$

смелли:			Do the mules go to the same ATM? Or multiple?
LB0:			lol? Of course not, they go to different ATMs, I trust *** no more than $7,000

смелли:			Do you give these mules a percentage of the money they cashed out?
LB0:			Yes, 5%

смелли:			In a video that was released, some cl0p ransomware affiliates stored their money under a mattress. Is that where you keep your money too?
LB0:			I don't have money under my mattress, everything I cash out I immediately invest in the business and mix it with legal money, this 
			way I inflate my business profits and launder money. And I spend only the money that is obtained in an honest way from the profits of 
			my business and pay with my card)))
			
смелли:			Hahahaha. Yes, it's been rumored you own a restaurant. Is this true?
LB0:			It's true, now I have 3 restaurants in China, and 2 restaurants in New York

смелли:			Random question: If you had the chance to tell threat intelligence something, what would you say?
LB0:			Work better bums, you have to find all my competitors, but you can never find me.

смелли:			Random question: If you had the chance to talk to the FBI, what would you say?
LB0:			Free Assange.

смелли:			Random question: If you had a chance to tell an anti virus company something. What would you say?
LB0:			Don't watch your users please







 

31 October 2022

One scam among many on a peer-to-peer sales site!

 


Hello,

In this post I wanted to share with you this experience (without consequences for me) which happened on the "le bon coin" site!
It may be useful to others, so do not hesitate to share this post as widely as possible!

As on other merchant sites, scams are commonplace. This one happened with a member of my family.

Having smelled the scam, we stopped the transaction with this person.

We put a motorcycle jacket up for sale and a person seems to be interested.
They contact us by SMS to ask whether we agree to send them the jacket via Chronopost.

They offer to pay via Paylib (an excellent French application that I recommend, by the way!).

  

 

They put us at ease by showing that they are a regular user of this kind of payment!

 

 

They give us their address, saying that the payment has just been made!

 


 

But the message we receive mentions Paypal and not Paylib!!!
They try to correct course:

 

 

 

And we receive this message (from Paylib! 😊)

 

Where is the scam?

The person makes you believe that you have been paid and that you can send the parcel.

The link is opened in a virtual machine!



 



And your bank details are transmitted!