Leaked LockBit 3.0 builder used by ‘Bl00dy’ ransomware gang in attacks


Level 71
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
The relatively new Bl00Dy Ransomware Gang has started to use a recently leaked LockBit ransomware builder in attacks against companies.

Last week, the LockBit 3.0 ransomware builder was leaked on Twitter after the LockBit operator had a falling out with his developer. This builder allows anyone to build a fully functional encryptor and decryptor that threat actors can use for attacks.

As the builder includes a configuration file that can easily be customized to use different ransom notes, statistics servers, and features, BleepingComputer predicted that other threat actors would soon use the builder to create their own ransomware.

Unfortunately, our predictions have come true, and a relatively new ransomware group named 'Bl00Dy Ransomware Gang' has already utilized the builder in an attack on a Ukrainian entity.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.