LockBit ransomware builder leaked online by “angry developer”


Level 74
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
The LockBit ransomware operation has suffered a breach, with an allegedly disgruntled developer leaking the builder for the gang's newest encryptor.

In June, the LockBit ransomware operation released version 3.0 of their encryptor, codenamed LockBit Black, after testing it for two months.

The new version promised to 'Make Ransomware Great Again,' adding new anti-analysis features, a ransomware bug bounty program, and new extortion methods.

However, it looks like LockBit has suffered a breach, with two people (or maybe the same person) leaking the LockBit 3.0 builder on Twitter.
This builder is not the first time a ransomware builder or source code was leaked online, leading to increased attacks by other threat actors who launched their own operations.

In June 2021, the Babuk ransomware builder was leaked, allowing anyone to create encryptors and decryptors for Windows and VMware ESXi, which other threat actors used in attacks.

In March 2022, when the Conti ransomware operation suffered a data breach, their source code was leaked online as well. This source code was quickly used by the NB65 hacking group to launch ransomware attacks on Russia.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.