Threat actors are attempting to disguise the Golang ransomware as the infamous Lockbit ransomware to intimidate their victims. These actors are using the Amazon S3 Transfer Acceleration feature in the attacks to exfiltrate victim data. After accessing a target user’s machine, the attacker encrypts the user’s files and then changes the victim’s wallpaper. The wallpaper displays an image mentioning LockBit 2.0, likely attempting to intimidate victims into paying the ransom. 

Read more: https://thehackernews.com/2024/10/ransomware-gangs-use-lockbits-fame-to.html