Skip to content
Home ยป Developer leaks LockBit ransomware online

Developer leaks LockBit ransomware online


Someone leaked LockBit latest encryptor on the internet, but the ransomware operator’s public representative insists it’s the work of a frustrated developer.

According to a new Twitter account, Ali Qushji and his colleagues got into the LockBit servers and extracted the source code for the LockBit 3.0 ransomware encryptor. Malware source code library VX-Underground then chimed in, saying they had been contacted by a user named “protonleaks” on September 10 with the identical content, echoing the tweet’s original message.

According to the same source, LockBitSupp, the ransomware operation’s official spokesman, has acknowledged that the incident was not the work of hackers but of a disgruntled developer who is unhappy with the company’s management.

Dissatisfied with the current administration

In response to this, VX-Underground contacted the Lockbit ransomware gang and learned that the leaker was a programmer working for the group (and subsequently deleted the tweet). Due to Lockbit’s poor leadership, they revealed the builder.

Since then, BleepingComputer has validated the leak’s veracity, saying the file is the source code for LockBit 3.0, dubbed LockBit Black. After two months of beta testing leading up to June, the new version released with several improvements, such as anti-analysis tools, a ransomware bug bounty programme, and alternative extortion strategies.

Sharing the builder with the world won’t make it easy for someone infected with LockBit to decrypt the stolen information. This instead allows other threat actors to easily construct their own versions, changing numerous configuration variables, the ransom letter, and other elements to suit their own purposes. While that could be bad for LockBit’s business, it also implies that companies may soon have to deal with even more ransomware types.

The encryption tool’s source code is public. A hacker revealed the source code for the ransomware group Conti, which at the time publicly backed Russia’s invasion of Ukraine, at the very beginning of Russia’s incursion.

Leave a Reply

Your email address will not be published. Required fields are marked *