Friday 5th May 2023

CTI Weekly: LockBit RaaS claims supply chain breach of 60+ companies; SpecTor operation nabs 288 dark web drug trade suspects; FBI seizes illicit crypto exchange websites; and more cybersecurity news

Key Issue:

LockBit claims to have breached more than 60 companies in supply chain compromise

A LockBit Ransomware-as-a-Service (RaaS) affiliate has claimed to have stolen data from over 60 companies following an alleged breach of Cloud51 Data Solutions, which offers IT support and service solutions to a diverse clientele in the US. LockBit has demanded an undisclosed ransom to prevent the publication of Cloud51’s data on a leak site, and the company has until 9 May to pay. LockBit has allegedly obtained confidential data from all the targeted companies, including supplier details, Social Security Numbers, and passport copies.

The incident is notable because LockBit has publicly disclosed the supply chain compromise. Supply chain compromise is becoming increasingly prevalent, highlighting the need for companies to take proactive measures to manage risk and secure their supply chain.

Other news:

Law Enforcement

Europol’s operation ‘SpecTor’ has resulted in the apprehension of 288 suspects involved in the illegal drug trade on the dark web marketplace “Monopoly Market.” Additionally, a joint operation involving US government agencies and partners in Germany, Austria, and France has led to the seizure of a payment card verification platform that facilitated major carding marketplaces in making millions in illicit revenue.

Meanwhile, the FBI and Ukrainian police have conducted a coordinated operation to seize the websites of nine illicit cryptocurrency exchanges that facilitated money laundering schemes of cybercriminal groups.

Banking Malware

Researchers have discovered that the cybercrime syndicate TA505 is using a new type of banking malware called Lobshot to infiltrate Windows machines via Google Ads and a network of fake websites.

Ransomware

The Royal Ransomware group attacked and compromised the IT systems of the City of Dallas, Texas, causing the city to shut down some systems to prevent further spread of the ransomware. Meanwhile, the AvosLocker Ransomware group hacked into a university’s network and emergency broadcast system, sending SMS texts to students and staff, notifying them that their data had been stolen and would be released soon.
