Ransomware
LockBit breached, ransomware builder leaked
Share
The LockBit ransomware operation had its builder for the LockBit 3.0 ransomware encryptor leaked following a data breach, reports BleepingComputer.
Twitter user "Ali Qushji" noted that his team was able to obtain the ransomware builder after hacking LockBit's servers, said security expert 3xport in a tweet. VX-Underground later noted that they were contacted by 'protonleaks' regarding the builder on Sept. 10.
However, LockBit representative LockBitSupp denied that the operation was hacked and emphasized that the leak was done by a disgruntled developer.
"We reached out to Lockbit ransomware group regarding this and discovered this leaker was a programmer employed by Lockbit ransomware group. They were upset with Lockbit leadership and leaked the builder," said VX-Underground in a tweet that has been deleted.
Examination of the leaked builder, which has been verified by various security researchers, revealed its capability to allow the immediate creation of executables for any threat actor looking to start their own operation.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news