Skip to main content
JS
Jacob Santos

Jacob Santos

Threat Hunter, Researcher and Builder

Sr. Threat Researcher | Trend AI
17
Articles
14
Threads
10+
Tools
10+
Talks
New LockBit 5.0 Targets Windows, Linux, ESXi
Trend AI Research Blog Sep 2025

New LockBit 5.0 Targets Windows, Linux, ESXi

RansomwareCross-PlatformLockBit

LockBit 5.0 represents a significant evolution of the LockBit ransomware family, now targeting Windows, Linux, and VMware ESXi environments with a unified codebase. This research details the heavy obfuscation techniques including string encryption and API hashing, anti-analysis measures that detect sandboxes and debuggers, and geopolitical safeguards that skip CIS-region systems. The article covers the full kill chain from initial access through lateral movement to encryption, with comparative analysis against previous LockBit versions.