Gandalf_The_Grey
Level 74
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 6,337
The LockBit ransomware operation has suffered a breach, with an allegedly disgruntled developer leaking the builder for the gang's newest encryptor.
In June, the LockBit ransomware operation released version 3.0 of their encryptor, codenamed LockBit Black, after testing it for two months.
The new version promised to 'Make Ransomware Great Again,' adding new anti-analysis features, a ransomware bug bounty program, and new extortion methods.
However, it looks like LockBit has suffered a breach, with two people (or maybe the same person) leaking the LockBit 3.0 builder on Twitter.
This builder is not the first time a ransomware builder or source code was leaked online, leading to increased attacks by other threat actors who launched their own operations.
In June 2021, the Babuk ransomware builder was leaked, allowing anyone to create encryptors and decryptors for Windows and VMware ESXi, which other threat actors used in attacks.
In March 2022, when the Conti ransomware operation suffered a data breach, their source code was leaked online as well. This source code was quickly used by the NB65 hacking group to launch ransomware attacks on Russia.

LockBit ransomware builder leaked online by “angry developer”
The LockBit ransomware operation has suffered a breach, with an allegedly disgruntled developer leaking the builder for the gang's newest encryptor.