Hackers in the underground marketplace have introduced a new Exfiltrator-22, or EX-22, post-exploitation framework. According to the CYFIRMA team, LockBit 3.0 affiliates or its members are most probably behind its development. The developers have used the same C2 infrastructure previously exposed in a LockBit 3.0 sample. In the latest instance, criminals displayed lateral movement and ransomware-spreading capabilities.
Support the originator by clicking the read the rest link below.
