LockBit Ransomware Distributed Via Word Files Disguised as Resumes

AhnLab SEcurity intelligence Center (ASEC) has identified that LockBit ransomware is being distributed via Word files since last month. A notable point is that the LockBit ransomware is usually distributed by disguising itself as resumes, and recently found malicious Word files were also disguised as resumes [1]. The distribution method of LockBit ransomware using external URLs in Word files was first found in 2022 [2]. The recently discovered file names of malicious Word files are as follows.

ahnlab asec center disguised distributed distribution files found intelligence lockbit lockbit ransomware malicious malware analysis point ransomware resumes security security intelligence word