Channels

Sticky Video Player with Ad Breaks
📺 WATCH US NOW!

New LockBit 5.0 variant is a cross-platform ransomware nightmare

September 29, 2025

LockBit is the notorious ransomware gang responsible for running one of the world’s most dangerous Ransomware-as-a-Service (RaaS) platforms. Now, LockBit has reportedly returned with LockBit 5.0, a new variant of the group’s ransomware that’s already in active use.

In early 2024, a task force of law enforcement agencies conducted Operation Cronos, which took down several big pieces of infrastructure from the prolific ransomware group. As an RaaS provider, the group sold tools and software that affiliates could use for their own hacking operations. It was seen as a major victory at the time. Well over a year later, it seems LockBit is back and, according to a technical analysis by Trend Micro, that isn’t good news. 

In early September, LockBit announced a new version of its ransomware software, LockBit 5.0. Since then, Trend Micro researchers have been looking for examples of LockBit 5.0 being used in the wild, so to speak. Not only was the company able to find examples on Windows, Linux, and ESXi (virtual machines), but its analysis of LockBit Version 5.0 showed that it’s the most advanced ransomware the group has made yet. 

Per Trend Micro, version 5.0 shares some common elements with version 4.0, meaning it’s an evolution rather than an entirely new piece of ransomware. The new version adds horrible features like a DLL reflection (the ability to load a DLL from memory), a few new anti-analysis techniques, and — for the Linux variant anyway — the ability to use the command line to target specific directories and file types. All versions also add a random 16-bit string to make getting your data back that much harder. 

Once the ransomware takes control of your computer, it seems to behave the same way that prior LockBit versions did, where you get a ransom note in a text file with instructions on where to go to pay your ransom. There is also the option to “chat with support” to negotiate the ransom. 

In addition to the technical details, it’s been reported that LockBit’s affiliate incentive model has been refreshed, giving bad actors even more incentive to use the software. Reportedly, the refresh was meant to recruit people back to LockBit after the service disruption caused by Operation Cronos last year. 

With LockBit back in action, it joins a new generation of AI-powered ransomware that hit the market in late summer 2025, also known as PromptLock. So, if you haven’t been keeping up to speed on the latest cybersecurity threats and scams, now is a great time to refresh yourself on how to be safe on the Internet.

Content Accuracy: Keewee.News provides news, lifestyle, and cultural content for informational purposes only. Some content is generated or assisted by AI and may contain inaccuracies, errors, or omissions. Readers are responsible for verifying the information. Third-Party Content: We aggregate articles, images, and videos from external sources. All rights to third-party content remain with their respective owners. Keewee.News does not claim ownership or responsibility for third-party materials. Affiliate Advertising: Some content may include affiliate links or sponsored placements. We may earn commissions from purchases made through these links, but we do not guarantee product claims. Age Restrictions: Our content is intended for viewers 21 years and older where applicable. Viewer discretion is advised. Limitation of Liability: By using Keewee.News, you agree that we are not liable for any losses, damages, or claims arising from the content, including AI-generated or third-party material. DMCA & Copyright: If you believe your copyrighted work has been used without permission, contact us at dcma@keewee.news. No Mass Arbitration: Users agree that any disputes will not involve mass or class arbitration; all claims must be individual.

Related Posts

Arnold Schwarzenegger cut back on protein drinks. Here’s how he fuels for workouts instead.
Arnold Schwarzenegger cut back on protein drinks. Here’s how he f ...
October 9, 2025
Bad posture could be the sneaky reason you feel bloated, a doctor says. Here’s one easy stretch to fix it.
Bad posture could be the sneaky reason you feel bloated, a doctor ...
October 9, 2025
OpenAI COO Brad Lightcap calls the AI giant the ‘world’s most active Slack user’
OpenAI COO Brad Lightcap calls the AI giant the ‘world’s most act ...
October 9, 2025

Sponsored Advertisement