LockBit Black Ransomware On Reverse Shell: Analysis of Infection

Abstract

This research was conducted due to the widespread occurrence of ransomware attacks, especially in Indonesia, against data that is at the endpoint and has even reached the banking sector. to estimate the likelihood of future ransomware infections. LockBit 3 ransomware aka LockBit Black is ransomware that has penetrated one of the banks in Indonesia, along with a reverse shell which is an infection method that cannot be recognized by every protection so that when combined it can penetrate all sides of protection. The method used to research the combination of ransomware and reverse shell is a hybrid analysis with a combination of static and dynamic analysis, to see every capability that can be carried out by the LockBit Black ransomware and channeled through the reverse shell. In this research, we can see the real impact of the attack and estimate protection in the future from the results of this analysis so that variant ransomware attacks from LockBit can be overcome.