Ransomware cyber

Swiss software/IT firm

Jun 17, 2025 1 min read
Swiss software/IT firm

The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, with the operators taking a 20% cut. A significant data leak from the May 2025 hack of a LockBit affiliate panel revealed that one affiliate successfully extorted $2 million from a Swiss software/IT firm. This attack highlights the financial impact and the potential for significant data leaks within the organization.

Source: https://www.helpnetsecurity.com/2025/06/12/lockbit-data-leak-targets-ransoms/

TPRM report: https://scoringcyber.rankiteo.com/company/swissquant-group-ag

"id": "swi436061725",
"linkid": "swissquant-group-ag",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': ['Manufacturing',
                                     'Consumer Services',
                                     'Finance',
                                     'Software/IT',
                                     'Government'],
                        'location': ['China', 'US', 'Taiwan', 'Russia']}],
 'attack_vector': 'Ransomware-as-a-Service (RaaS)',
 'date_detected': '2025-05-01',
 'description': 'The LockBit ransomware-as-a-service (RaaS) operation has '
                'netted around $2.3 million USD within 5 months, the data leak '
                'stemming from the May 2025 hack of a LockBit affiliate panel '
                'has revealed. From that sum, the operators took their 20% cut '
                '(approximately USD 456,000), and they additionally “earned” '
                'some $10,000-$11,000 USD from affiliates that registered '
                'through the panel. The US DoJ previously estimated that '
                'LockBitSupp – the leader of the LockBit outfit – “earned” '
                'around $100 million USD between 2019 and 2024.',
 'impact': {'data_compromised': 'Details on LockBit ransomware affiliates, '
                                'victim organizations, chat logs, '
                                'cryptocurrency wallets and ransomware build '
                                'configurations',
            'financial_loss': '$2.3 million USD'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'The data leak reveals the complex and less glamorous '
                    'reality of ransomware activities, indicating that while '
                    'profitable, it’s far from perfectly orchestrated. The '
                    'incident also highlights the importance of international '
                    'cooperation in law enforcement efforts against '
                    'cybercrime.',
 'motivation': 'Financial Gain',
 'ransomware': {'data_encryption': True,
                'ransom_demanded': ['$2,000 to $40,000 USD', '$2 million USD'],
                'ransomware_strain': 'LockBit'},
 'references': [{'source': 'Trellix'}],
 'response': {'law_enforcement_notified': True},
 'threat_actor': 'LockBit',
 'title': 'LockBit Ransomware-as-a-Service (RaaS) Operation',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.