The CyberWire Daily Podcast 11.30.22
Ep 1713 | 11.30.22

LockBit 3.0 and Punisher ransomware described. Leave that USB right in the parking lot where you found it. Killnet’s woofing. Lilac Wolverine’s big new BEC. And World Cup scams.

Show Notes

Has LockBit 3.0 been reverse engineered? A COVID lure contains a Punisher hook. A Chinese cyberespionage campaign uses compromised USB drives. Lilac Wolverine exploits personal connections for BEC. Killnet claims to have counted coup against the White House. Tim Starks from the Washington Post has the FCC’s Huawei restrictions and ponders what congress might get done before the year end. Our guest is Tom Eston from Bishop Fox with a look Inside the Minds & Methods of Modern Adversaries. And, of course, scams, hacks, and other badness surrounding the World Cup.

Selected reading.

LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling (Sophos News)

Punisher Ransomware Spreading Through Fake COVID Site (Cyble)

Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia (Mandiant)

BEC Group Compromises Personal Accounts and Pulls Heartstrings to Launch Mass Gift Card Attacks (Abnormal Security)

Killnet Claims Attacks Against Starlink,, and United Kingdom Websites (Trustwave)

Scammers on the pitch: Group-IB identifies online threats to fans at FIFA World Cup 2022 in Qatar (Group-IB)