A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder

A disgruntled developer seems to be responsible for the leak of the builder for the latest encryptor of the LockBit ransomware gang.

The leak of the builder for the latest encryptor of the LockBit ransomware gang made the headlines, it seems that the person who published it is a disgruntled developer.

The latest version of the encryptor, version 3.0, was released by the gang in June. According to the gang, LockBit 3.0 has important novelties such as a bug bounty program, Zcash payment, and new extortion tactics. The gang has been active since at least 2019 and today it is one of the most active ransomware gangs.

The code of the encryptor was leaked on Twitter by at least a couple of accounts, @ali_qushji and @protonleaks1.

The builder is contained in a password-protected 7z archive, “LockBit3Builder.7z,” containing:

  • Build.bat;
  • builder.exe;
  • config.json;
  • keygen.exe.

Ali Qushji claims to have hacked the servers of the ransomware gang and stolen the ransomware encryptor.

Is the hack real?

BleepingComputer reported that the research team VX-Underground was informed by a representative of the LockBit operation that their infrastructure was not hacked. The representative added that the leak is the work of a disgruntled developer.

“We reached out to Lockbit ransomware group regarding this and discovered this leaker was a programmer employed by Lockbit ransomware group,” reads a now deleted tweet published by VX-Underground. “They were upset with Lockbit leadership and leaked the builder.”

The availability of the builder could allow any malicious actor to create its own version of the ransomware customizing it by modifying the configuration file.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, data leak)

Read the full article here

Hosted by
News Room

Cybervizer is a blog and podcast site that focuses on the latest technology and cybersecurity topics that are impacting enterprises, both small and large. Join us to explore the most important trends in enterprise technology and cybersecurity today. Get true insights into the tech and trends that will impact you and your organization.

Sign Up for Our Morning Boot Cybersecurity Newsletter

Sponsored Ad

Cybervizer Recommended Book