216.73.217.22

LockBit strikes with new 5.0 version, targeting Windows, Linux and ESXI systems

· Published 12/02/2026 15:08 · Modified 12/02/2026 21:53

Export JSON

Essential information

Published
12/02/2026 15:08
Modified
12/02/2026 21:53
Tags
2026-02-12 defense evasion double-extortion encryption esxi infrastructure linux lockbit ransomware smokeloader virtualization windows
Related entities
6 observables, 1 intrusion sets (apt), 33 others

Description

5.0, the latest version of the notorious , has been released with support for , , and systems. This update brings improved , faster , and enhanced modularity. The variant employs extensive anti-analysis techniques, while and versions remain unpacked. All variants share a common scheme using XChaCha20 and Curve25519. 5.0 demonstrates a focus on enterprise and targets, including explicit support for Proxmox . The group's data leak site reveals a primary focus on the U.S. business sector, with victims spanning various industries. 's has shown connections to , suggesting possible cooperation or reuse among malware operators.

Related entities

Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.

Observables (6)

  • 98d8c7870c8e99ca6c8c25bb9ef79f71c25912fbb65698a9a6f22709b8ad34b6
  • 1da6525ae1ef83b6f1dc02396ef0933732f9ffdfca0fda9b2478d32a54e3069b
  • 4dc06ecee904b9165fa699b026045c1b6408cc7061df3d2a7bc2b7b4f0879f4d
  • 90b06f07eb75045ea3d4ba6577afc9b58078eafeb2cdd417e2a88d7ccf0c0273
  • 180e93a091f8ab584a827da92c560c78f468c45f2539f73ab2deb308fb837b38
  • 7ea5afbc166c4e23498aa9747be81ceaf8dad90b8daa07a6e4644dc7c2277b82

Intrusion sets (APT) (1)

  • LockBit
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 Published 20/12/2025 23:28 · Modified 21/12/2025 12:28

Others (33)

  • United States of America
  • Finance
  • Education
  • Manufacturing
  • Healthcare
  • Government
  • lockbit7z2jwcskxpbokpemdxmltipntwlkmidcll2qirbu7ykg46eyd.onion
  • lockbitfbinpwhbyomxkiqtwhwiyetrbkb4hnqmshaonqxmsrqwg7yad.onion
  • lockbit7z3ujnkhxwahhjduh5me2updvzxewhhc5qvk2snxezoi5drad.onion
  • lockbit7z5ltrhzv46lsg447o3cx2637dloc3qt4ugd3gr2xdkkkeayd.onion
  • lockbit7z2og4jlsmdy7dzty3g42eu3gh2sx2b6ywtvhrjtss7li4fyd.onion
  • lockbit7z4ndl6thsct34yd47jrzdkpnfg3acfvpacuccb45pnars2ad.onion
  • lockbit7z6dqziutocr43onmvpth32njp4abfocfauk2belljjpobxyd.onion
  • lockbitsuppyx2jegaoyiw44ica5vdho63m5ijjlmfb7omq3tfr3qhyd.onion
  • lockbit7z37ntefjdbjextn6tmdkry4j546ejnru5cejeguitiopvhad.onion
  • lockbit7z4k5zer5fbqi2vdq5sx2vuggatwyqvoodrkhubxftyrvncid.onion
  • lockbit7z4bsm63m3dagp5xglyacr4z4bwytkvkkwtn6enmuo5fi5iyd.onion
  • lockbit7z6qinyhhmibvycu5kwmcvgrbpvtztkvvmdce5zwtucaeyrqd.onion
  • rodericwalter.com
  • lockbit7z6f3gu6rjvrysn5gjbsqj3hk3bvsg64ns6pjldqr2xhvhsyd.onion
  • lockbit7z57mkicfkuq44j6yrpu5finwvjllczkkp2uvdedsdonjztyd.onion
  • lockbit7z5ehshj6gzpetw5kso3onts6ty7wrnneya5u4aj3vzkeoaqd.onion
  • lockbit7z3hv7ev5knxbrhsvv2mmu2rddwqizdz4vwfvxt5izrq6zqqd.onion
  • lockbit7z355oalq4hiy5p7de64l6rsqutwlvydqje56uvevcc57r6qd.onion
  • lockbit7z36ynytxwjzuoao46ck7b3753gpedary3qvuizn3iczhe4id.onion
  • lockbit7z3ddvg5vuez2vznt73ljqgwx5tnuqaa2ye7lns742yiv2zyd.onion
  • lockbit7z6rzyojiye437jp744d4uwtff7aq7df7gh2jvwqtv525c4yd.onion
  • lockbit7z4cgxvictidwfxpuiov4scdw34nxotmbdjyxpkvkg34mykyd.onion
  • lockbit7z55tuwaflw2c7torcryobdvhkcgvivhflyndyvcrexafssad.onion
  • lockbit7z6choojah4ipvdpzzfzxxchjbecnmtn4povk6ifdvx2dpnid.onion
  • lockbit7z3azdoxdpqxzliszutufbc2fldagztdu47xyucp25p4xtqad.onion
  • lockbit7z5hwf6ywfuzipoa42tjlmal3x5suuccngsamsgklww2xgyqd.onion
  • lockbit7z2mmiz3ryxafn5kapbvbbiywsxwovasfkgf5dqqp5kxlajad.onion

External references