It’s a real twist in the sphere of hacking: Lockbit, the most formidable ransomware of the moment simply leaked on Twitter, before ending up for free download on Github. What happened ? In all likelihood, a commercial disagreement between the famous pirate collective and a service provider would have led to tragedy.
The Lockbit name has long since passed the sphere of seasoned hackers. After carrying out some of the biggest attacks of 2022, including those affecting the Corbeil-Essonnes hospital as well as the Ministry of Justice, its eponymous ransomware has become the most popular on the market. Popular certainly, but not easily accessible. At least, until September 21, when a mysterious developer calling himself Ali Qushji decided to publish the builder on Twitter.
A builder is a creation kit comprising the files and various lines of code needed to assemble a program, in this case, malware. Anyone who comes into possession of this builder can recreate Lockbit and, if they wish, modify it to make their own version and then attack their target structures. Lockbit being certainly one of the most dangerous ransomware of the moment, it is therefore a major risk for the cybersecurity of companies and public bodies.
How did Lockbit leak its ransomware?
Strangely, in the most innocuous way. Indeed, according to cybersecurity researcher 3xp0rt, it is a simple commercial disagreement that is at the origin of this gigantic leak. As proof of this, the latter points to a message from the administrator of Lockbit on a Russian hacker forum, who declares having used the services of a “provider” developer, responsible for improving the effectiveness of the ransomware.
On the same subject — Lockbit: the famous group of pirates offers 1000 € in exchange for a tattoo bearing its image
However, it would seem that Lockbit refused to pay the said developer, for reasons of delay in delivery. This would have been followed by long tense exchanges, pushing the provider to simply leak the fruit of his labor. “This situation is obviously unpleasant, but it motivates us to find new developers and code new products.“, concludes the administrator of Lockbit.
Source: Bleeping Computer