Threat Group Profile
lockbit5
โ Active โ last 30 days
Victim claims
103
First seen
Mar 2026
Last activity
19 Jun 2026
Tracked since
Dec 2025
Group overview
LockBit 5.0 ("ChuongDong") emerged in September 2025 as the group's resurgence following the February 2024 law enforcement takedown, introducing cross-platform payloads targeting Windows, Linux, and VMware ESXi with enhanced evasion capabilities and continuing the RaaS affiliate model of its predecessors.
Preferred targets
Business Services ยท 18
Manufacturing ยท 16
Healthcare ยท 9
Agriculture and Food Production ยท 9
Consumer Services ยท 7
Hospitality and Tourism ยท 5
Most targeted countries
US ยท 11
DE ยท 9
IT ยท 7
BR ยท 7
TH ยท 5
NL ยท 4