Press Release

April 14, 2023 11:42 AM

Updated statement regarding LockBit claims

Mike Beck, Chief Information Security Officer, Darktrace

We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.

Press Release

April 13, 2023 9:30 AM

Statement regarding LockBit claims

Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.


Press Release

Major UK Retailer Stops Novel Malware Attack with Darktrace AI

Company Targeted by ‘BumbleBee’, a Sophisticated Malware Loader
Cambridge, UK
May 19, 2022
News coverage
News publication logo

Major UK Retailer Stops Novel Malware Attack with Darktrace AI

May 19, 2022

Darktrace, a global leader in cyber security AI, today announced that a UK retailer used Darktrace’s AI to stop a cyber-attack attempting to leverage ‘BumbleBee’, a new malware loader known to be used by Russia-based ransomware group Conti among other cyber-criminal entities.

The company, a major UK retailer founded over 20 years ago, was leveraging Darktrace’s Self-Learning AI when it was targeted by a cyber-attack. The AI had established an evolving understanding of ‘normal’ for the company’s operations in order to detect the subtle indicators of an emerging cyber-threat.

In the early hours of one morning in April, Darktrace’s AI detected that an internal device was communicating unusually with multiple external endpoints. The AI began investigating the activity in real time and the company’s security team were alerted to potentially malicious activity, enabling them to take the compromised device offline before malware could spread through the organization.

The AI was able to detect the activity without any need for new threat signatures or a feed of threat intelligence, while human analysis was then used to identify the explicit strain of malware. BumbleBee is believed to have replaced Conti’s ‘BazarLoader’, which the Russia-based group infamously used to deploy ransomware. Loaders typically serve as the first stage of a cyber-attack, offering cyber-criminals the ability to deploy malicious code at scale, and serve as a bridgehead into compromised networks to push other malware, including ransomware.

“We’ve seen a dangerous surge in malware loader activity in recent months as attackers seek out new techniques that will avoid traditional methods of detection,” commented Toby Lewis, Darktrace’s Global Head of Threat Analysis. “These attack tools, particularly novel variants like BumbleBee, illustrate the need for cutting-edge technology like AI that understands the shades of grey in very complex systems. Defenders shouldn’t have to wait for the release of threat indicators and threat intelligence before they are able to detect and respond to these attacks.”

About Darktrace

Darktrace (DARK.L), a global leader in cyber security AI, delivers world-class technology that protects over 6,800 customers worldwide from advanced threats, including ransomware and cloud and SaaS attacks. Darktrace’s fundamentally different approach applies Self-Learning AI to enable machines to understand the business in order to autonomously defend it. Headquartered in Cambridge, UK, the Group has more than 2,000 employees worldwide. Darktrace was named one of TIME magazine’s ‘Most Influential Companies’ for 2021.

Share this article
More Darktrace news