Press Release

April 14, 2023 11:42 AM

Updated statement regarding LockBit claims

Mike Beck, Chief Information Security Officer, Darktrace

We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.

Press Release

April 13, 2023 9:30 AM

Statement regarding LockBit claims

Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.


Press Release

Darktrace AI Stops Emotet Trojan Cyber-Attack at Saudi Arabian Construction Supply Giant

Company Device Caught Making Connections to Unusual Host in Attempted Compromise
Cambridge, UK
February 24, 2022
News coverage
News publication logo

Darktrace AI Stops Emotet Trojan Cyber-Attack at Saudi Arabian Construction Supply Giant

February 24, 2022

Darktrace, a global leader in cyber security AI, today announced that its Autonomous Response technology, Antigena, successfully took action to halt a recent cyber-attack targeting a construction supply enterprise in Saudi Arabia.

The company, which has been in business for over 50 years and has over 35 branches, was infiltrated by attackers in the early hours of the morning. Darktrace’s Self-Learning AI spotted that a company device was compromised by Emotet, an infamous trojan that rapidly spreads malware from device to device, exfiltrating sensitive financial information. Emotet, which had defeated static security controls in the organization, is often the precursor to ransomware if left uninterrupted.

Within minutes, Darktrace AI took action to successfully block malicious communications occurring between the infected device and an unusual host.

Self-Learning AI formed a constantly evolving understanding of both IT and operational technologies at the Saudi Arabian construction giant, allowing it to identify the subtle, emerging signs of Emotet. Within seconds, the algorithms took targeted action to interrupt the encroaching attack. This allowed the organization to continue normal business operations without disruption, and investigate the incident further.

The attack occurred amidst rising global cyber tensions and follows warnings from the Five Eyes urging companies to bolster defenses – particularly operators of critical national infrastructure or organizations that are critical to global supply chains.

“Since its emergence in 2014 the Emotet trojan has undergone multiple iterations and recently made a comeback globally,” commented Max Heinemeyer, Director of Threat Hunting at Darktrace. “Emotet is particularly dangerous because this type of botnet can quickly escalate into something like ransomware if not stopped. Business leaders should know there is technology out there that can stop these attacks in their tracks, before sensitive data leaves the organization and before any ransom is demanded.”

About Darktrace

About Darktrace

Share this article
More Darktrace news