Lockbits SpA
Company Details
Linkedin ID:
lockbitscl
Website:
Employees number:
4
Number of followers:
746
NAICS:
541514
Industry Type:
Homepage:
lockbits.cl
IP Addresses:
0
Company ID:
LOC_3276278
Scan Status:
In-progress
Lockbits SpA Company CyberSecurity Posture
lockbits.cl
Lockbits es una compañía chilena de seguridad informática que comercializa software de terceros (ESET, Microsoft) a través de un modelo de partnership, y que brinda valor a través de servicios de seguridad, de un excelente asesoramiento de venta consultiva y, a través de su servicio de post venta que es lo que los diferencia de la competencia, ya que brindan un servicio de elevada calidad y atención.
Lockbits SpA A.I CyberSecurity Scoring
Lockbits SpA Risk Score (AI oriented)Between 650 and 699
Lockbits SpA
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Lockbits SpA Global Score (TPRM)XXXX
Lockbits SpA
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Lockbits SpA Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
QILINQilin, Akira, LockBit, DragonForce and Safepay: Ransomware activity never dies, it multiplies
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Ransomware Attacks Hit Record Highs in 2025 Despite Major Disruptions A new study by Symantec and the Carbon Black Threat Hunter Team reveals that ransomware attacks surged to unprecedented levels in 2025, with threat actors adapting rapidly to law enforcement crackdowns and evolving their extortion tactics. The report documented 4,737 claimed ransomware attacks the highest annual total on record despite the collapse of two major operations. RansomHub, the most active group at the time, abruptly shut down in April 2025, causing a brief dip in activity. However, former affiliates quickly migrated to other groups, restoring attack volumes within weeks. LockBit (tracked as Syrphid) also failed to recover after late-2024 law enforcement actions. New leaders emerged to fill the void. Akira and Qilin each accounted for 16% of attacks, while Inc, Safepay, and the newly identified DragonForce contributed smaller but significant shares. The fluid movement of affiliates, access brokers, and tooling between groups sustained overall activity levels. Beyond traditional encryption-based ransomware, extortion campaigns without encryption surged in 2025. These attacks focused on data theft and public leaks pushed total extortion incidents to 6,182, a 23% increase from 2024. Snakefly’s Cl0p operation played a key role, exploiting vulnerabilities in enterprise software to target government and industrial sectors at scale. Social engineering also became a dominant attack vector, with groups like ShinyHunters and Scattered Spider using phone-based impersonation, credential harvesting, and OAuth abuse to breach cloud environments. Attackers tricked employees into authorizing malicious apps or sharing authentication codes, reducing reliance on malware. A new ransomware strain, Warlock, drew attention for its ties to older espionage tooling. Exploiting a zero-day in Microsoft SharePoint and using DLL sideloading, Warlock incorporated components linked to Chinese state-sponsored activity, blending ransomware with broader intrusion campaigns. Despite these shifts, attack chains remained consistent. Threat actors relied on "living off the land" techniques, leveraging PowerShell, remote management tools, and credential dumping to evade detection. Malware often appeared late in the intrusion, just before encryption or data theft. The findings underscore how ransomware operations continue to thrive, even as law enforcement disrupts key players, by diversifying extortion methods and exploiting shared infrastructure.
Lockbits SpA Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Lockbits SpA
Incidents vs Computer and Network Security Industry Average (This Year)
No incidents recorded for Lockbits SpA in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Lockbits SpA in 2026.
Incident Types Lockbits SpA vs Computer and Network Security Industry Avg (This Year)
No incidents recorded for Lockbits SpA in 2026.
Incident History — Lockbits SpA (X = Date, Y = Severity)
Lockbits SpA cyber incidents detection timeline including parent company and subsidiaries
Lockbits SpA Company Subsidiaries
Lockbits es una compañía chilena de seguridad informática que comercializa software de terceros (ESET, Microsoft) a través de un modelo de partnership, y que brinda valor a través de servicios de seguridad, de un excelente asesoramiento de venta consultiva y, a través de su servicio de post venta que es lo que los diferencia de la competencia, ya que brindan un servicio de elevada calidad y atención.
Loading...
Lockbits SpA Similar Companies
Palo Alto Networks
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest s
CrowdStrike
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk — endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-clas
NETWORK-SECURITY-SOLUTIONS
## Our core business We manage linux / unix server infrastructures and build the efficient and secure networking environments using hardware cutting edge technologies suited to the needs of the project and the client. We believe in quality, opposed to quantity. Our company consists of highly
.png)
Lockbits SpA CyberSecurity News
July 26, 2022 07:00 AM
LockBit ransomware gang claims it ransacked Italy’s tax agency
The LockBit ransomware crew is claiming to have stolen 78GB of data from Italy's tax agency and is threatening to leak it if a ransom isn't paid by July 31.
August 05, 2021 07:00 AM
Italian energy company ERG hit by LockBit 2.0 ransomware gang
ERG SPA, an Italian energy company, reports a minor impact on its operations after the recent ransomware attack conducted by LockBit 2.0 gang.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Lockbits SpA CyberSecurity History Information
Official Website of Lockbits SpA
The official website of Lockbits SpA is http://www.lockbits.cl.
Lockbits SpA’s AI-Generated Cybersecurity Score
According to Rankiteo, Lockbits SpA’s AI-generated cybersecurity score is 671, reflecting their Weak security posture.
How many security badges does Lockbits SpA’ have ?
According to Rankiteo, Lockbits SpA currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Lockbits SpA been affected by any supply chain cyber incidents ?
According to Rankiteo, Lockbits SpA has been affected by a supply chain cyber incident involving QILIN, with the incident ID QILAKILOCDRASAF1768585619.
Does Lockbits SpA have SOC 2 Type 1 certification ?
According to Rankiteo, Lockbits SpA is not certified under SOC 2 Type 1.
Does Lockbits SpA have SOC 2 Type 2 certification ?
According to Rankiteo, Lockbits SpA does not hold a SOC 2 Type 2 certification.
Does Lockbits SpA comply with GDPR ?
According to Rankiteo, Lockbits SpA is not listed as GDPR compliant.
Does Lockbits SpA have PCI DSS certification ?
According to Rankiteo, Lockbits SpA does not currently maintain PCI DSS compliance.
Does Lockbits SpA comply with HIPAA ?
According to Rankiteo, Lockbits SpA is not compliant with HIPAA regulations.
Does Lockbits SpA have ISO 27001 certification ?
According to Rankiteo,Lockbits SpA is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Lockbits SpA
Lockbits SpA operates primarily in the Computer and Network Security industry.
Number of Employees at Lockbits SpA
Lockbits SpA employs approximately 4 people worldwide.
Subsidiaries Owned by Lockbits SpA
Lockbits SpA presently has no subsidiaries across any sectors.
Lockbits SpA’s LinkedIn Followers
Lockbits SpA’s official LinkedIn profile has approximately 746 followers.
NAICS Classification of Lockbits SpA
Lockbits SpA is classified under the NAICS code 541514, which corresponds to Others.
Lockbits SpA’s Presence on Crunchbase
No, Lockbits SpA does not have a profile on Crunchbase.
Lockbits SpA’s Presence on LinkedIn
Yes, Lockbits SpA maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/lockbitscl.
Cybersecurity Incidents Involving Lockbits SpA
As of January 23, 2026, Rankiteo reports that Lockbits SpA has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Lockbits SpA has an estimated 3,300 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Lockbits SpA ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
Incident Details
Can you provide details on each incident ?
Title: Ransomware Attacks Hit Record Highs in 2025 Despite Major Disruptions
Description: A new study by Symantec and the Carbon Black Threat Hunter Team reveals that ransomware attacks surged to unprecedented levels in 2025, with threat actors adapting rapidly to law enforcement crackdowns and evolving their extortion tactics. The report documented 4,737 claimed ransomware attacks, the highest annual total on record, despite the collapse of two major operations. Extortion campaigns without encryption also surged, pushing total extortion incidents to 6,182, a 23% increase from 2024.
Date Detected: 2025
Date Publicly Disclosed: 2025
Type: ransomware
Attack Vector: social engineeringzero-day exploitDLL sideloadingOAuth abusecredential harvestingphone-based impersonationvulnerability exploitation
Vulnerability Exploited: Microsoft SharePoint zero-dayenterprise software vulnerabilities
Threat Actor: RansomHubLockBit (Syrphid)AkiraQilinIncSafepayDragonForceSnakefly (Cl0p)ShinyHuntersScattered SpiderWarlock
Motivation: financial gaindata theftespionage
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through social engineeringzero-day exploitsvulnerabilities.
Impact of the Incidents
What was the impact of each incident ?
Incident : ransomware QILAKILOCDRASAF1768585619
Data Compromised: 6,182 extortion incidents (23% increase from 2024)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information, Corporate Data and .
Which entities were affected by each incident ?
Incident : ransomware QILAKILOCDRASAF1768585619
Entity Type: government, industrial, enterprise
Industry: government, industrial, cloud services
Data Breach Information
What type of data was compromised in each breach ?
Incident : ransomware QILAKILOCDRASAF1768585619
Type of Data Compromised: Personally identifiable information, Corporate data
Sensitivity of Data: high
Data Encryption: ['partial', 'none (extortion-only attacks)']
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : ransomware QILAKILOCDRASAF1768585619
Ransomware Strain: RansomHubLockBitAkiraQilinIncSafepayDragonForceWarlock
Data Encryption: True
Data Exfiltration: True
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : ransomware QILAKILOCDRASAF1768585619
Lessons Learned: Ransomware operations continue to thrive despite law enforcement disruptions by diversifying extortion methods, exploiting shared infrastructure, and leveraging social engineering and zero-day exploits.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Ransomware operations continue to thrive despite law enforcement disruptions by diversifying extortion methods, exploiting shared infrastructure, and leveraging social engineering and zero-day exploits.
References
Where can I find more information about each incident ?
Incident : ransomware QILAKILOCDRASAF1768585619
Source: Symantec and Carbon Black Threat Hunter Team Report
Date Accessed: 2025
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Symantec and Carbon Black Threat Hunter Team ReportDate Accessed: 2025.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : ransomware QILAKILOCDRASAF1768585619
Entry Point: Social Engineering, Zero-Day Exploits, Vulnerabilities,
High Value Targets: Government, Industrial Sectors,
Data Sold on Dark Web: Government, Industrial Sectors,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : ransomware QILAKILOCDRASAF1768585619
Root Causes: Law Enforcement Disruptions Leading To Affiliate Migration, Exploitation Of Zero-Day Vulnerabilities, Social Engineering Tactics, Living Off The Land Techniques,
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an RansomHubLockBit (Syrphid)AkiraQilinIncSafepayDragonForceSnakefly (Cl0p)ShinyHuntersScattered SpiderWarlock.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were 6 and182 extortion incidents (23% increase from 2024).
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were 6 and182 extortion incidents (23% increase from 2024).
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Ransomware operations continue to thrive despite law enforcement disruptions by diversifying extortion methods, exploiting shared infrastructure, and leveraging social engineering and zero-day exploits.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Symantec and Carbon Black Threat Hunter Team Report.
Initial Access Broker
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
Azure Entra ID Elevation of Privilege Vulnerability
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=lockbitscl' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
