• LockBit ransomware was first reported in 2019. It has been dubbed as the “abcd” virus due to the file extension used when encrypting victims’ files.
• It is designed to infiltrate victims’ systems and encrypt important files. The virus is categorized as a “crypto virus” due to its requests for payment in cryptocurrency to decrypt files on the victim’s device.
• The ransomware is therefore typically deployed against victims who feel hindered enough by the disruption to pay heavy sums in exchange for access to the files and can afford to do so.
• Modus operandi: The gang behind the LockBit ransomware reportedly maintains a dark web portal to recruit members and release data of victims who refuse to meet their demands, as part of their business model.
• LockBit ransomware has been used to attack businesses and organizations in the United States, China, India, Ukraine, and Indonesia.
• In addition, there have been reported attacks across all of Europe, particularly in France, Germany, and the UK.

Darkweb:

• The dark web is the World Wide Web content that exists on darknets:
• overlay networks that use the Internet but require specific software, configurations, or authorization to access.
• Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user’s location.
• The dark web forms a small part of the deep web, the part of the Web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.
• The darknets which constitute the dark web include small, friend-to-friend peer-to-peer networks, as well as large, popular networks such as Tor, Freenet, I2P, and Riffle operated by public organizations and individuals.
• Users of the dark web refer to the regular web as Clearnet due to its unencrypted nature.