The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) has detected a formidable new cyber threat.
Dubbed LockBit Black, this ransomware campaign is leveraging a botnet to distribute millions of weaponized emails, posing a significant risk to individuals and organizations.
The LockBit Black campaign, identified through the NJCCIC’s sophisticated email security solutions, has also been spotlighted through incident reports and observations from various information-sharing and analysis centers.
The hallmark of this campaign is its use of emails containing malicious ZIP attachments, all seemingly sent from the same email addresses: “JennyBrown3422[@]gmail[.]com” and “Jenny[@]gsd[.]com.”
Upon opening these ZIP files, victims find a compressed executable that, once executed, unleashes the LockBit Black ransomware onto the operating system.
Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers
This particular strain of ransomware encrypts files, rendering them inaccessible to users and demanding a ransom for their release.
The campaign has been notably associated with the Phorpiex (Trik) botnet, which delivered the ransomware payload.
Investigations have revealed over 1,500 unique sending IP addresses linked to this campaign, many of which can be traced back to countries such as Kazakhstan, Uzbekistan, Iran, Russia, and China.
Two IP addresses, in particular, were identified as hosting the LockBit executables: 193 [.]233[.]132[.]177 and 185[.]215[.]113[.]66.
The emails often lure victims with subject lines such as “your document” and “photo of you???” Fortunately, the NJCCIC has successfully blocked or quarantined all associated emails, mitigating the immediate threat.
In response to this escalating threat, the NJCCIC has issued a series of recommendations aimed at bolstering the cybersecurity posture of individuals and organizations:
Furthermore, the NJCCIC encourages reporting phishing emails and other malicious cyber activities to the FBI’s Internet Crime Complaint Center (IC3) and the NJCCIC itself, fostering a collaborative effort to combat these cyber threats.
On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free
A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…
A threat actor known as #LongNight has reportedly put up for sale remote code execution…
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…
Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…
The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…
Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…