LockBit breached, ransomware builder leaked

The LockBit ransomware operation had its builder for the LockBit 3.0 ransomware encryptor leaked following a data breach, reports BleepingComputer. Twitter user "Ali Qushji" noted that his team was able to obtain the ransomware builder after hacking LockBit's servers, said security expert 3xport in a tweet. VX-Underground later noted that they were contacted by 'protonleaks' regarding the builder on Sept. 10. However, LockBit representative LockBitSupp denied that the operation was hacked and emphasized that the leak was done by a disgruntled developer. "We reached out to Lockbit ransomware group regarding this and discovered this leaker was a programmer employed by Lockbit ransomware group. They were upset with Lockbit leadership and leaked the builder," said VX-Underground in a tweet that has been deleted. Examination of the leaked builder, which has been verified by various security researchers, revealed its capability to allow the immediate creation of executables for any threat actor looking to start their own operation.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.