LockBit ransomware leaked online by angry developer

Someone has leaked the latest version of LockBit’s encryptor to the internet, and while at first it might seem like a data breach and theft...

Someone has leaked the latest version of LockBit’s encryptor to the internet, and while at first it might seem like a data breach and theft, the ransomware operator’s public representative claims it’s actually the work of a disgruntled developer.

A brand new Twitter account named Ali Qushji claimed their team hacked the servers of LockBit and found a builder for the LockBit 3.0 ransomware encryptor. Following the tweet, malware source code library VX-Underground chimed in, saying they were contacted by a user named “protonleaks” on September 10, with the same content. 

The same source also said that LockBitSupp, the public representative of the LockBit operation, confirmed that this was not the work of a hacking group, but rather a disgruntled developer, unsatisfied with the ransomware operator’s leadership.

Upset with leadership

"We reached out to Lockbit ransomware group regarding this and discovered this leaker was a programmer employed by Lockbit ransomware group," VX-Underground tweeted (and subsequently deleted the tweet). "They were upset with Lockbit leadership and leaked the builder."

BleepingComputer has since confirmed the authenticity of the leak, stating it’s the LockBit 3.0 encryptor’s builder, codenamed LockBit Black, that was leaked. The version, that’s been in the testing phase for two months leading up to June, came with a number of new features, including anti-analysis, a ransomware bug bounty program, and new methods of extortion.

Leaking the builder doesn’t mean whoever gets infected with LockBit can now easily decrypt the hijacked data. Instead, it means that other threat actors can compile their own versions with ease, tweaking various configuration options, the ransom note, and other details. While that might hurt LockBit’s operations to some extent, it also means that organizations could soon be facing an even bigger number of ransomware strains.

This is not the first time an encryptor’s source code leaked online. At the start of Russia’s invasion on Ukraine, a hacker leaked Conti’s source code, a ransomware group that publicly supported the invasion at the time. 

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/MNBsxu6



Apps,3857,Business,150,Camera,1155,Earn $$$,2,Gadgets,1740,Games,926,GTA,1,Innovations,2,Mobile,1696,Paid Promotions,4,Promotions,4,Sports,1,Technology,7961,Trailers,796,Travel,37,Trending,3,Trendly News,24425,TrendlyNews,1,Video,5,XIAOMI,13,YouTube - 9to5Google,1,
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: LockBit ransomware leaked online by angry developer
LockBit ransomware leaked online by angry developer
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy