Security News > 2023 > February > LockBit ransomware goes 'Green,' uses new Conti-based encryptor
The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the Conti ransomware.
This week, cybersecurity collective VX-Underground first reported that the ransomware gang is now using a new encryptor named 'LockBit Green,' based on the leaked source code of the now-disbanded Conti gang.
Since the news of LockBit Green became public, researchers have found samples of the new encryptor circulating on VirusTotal and other malware-sharing sites.
A malware analyst known as CyberGeeksTech reverse-engineered a sample of LockBit Green and told BleepingComputer that it was definitely based on the Conti encryptor they previously analyzed.
PRODAFT told BleepingComputer that they know of at least five victims that have been attacked using the new LockBit Green variant.
While it's unclear why the LockBit operation is utilizing a new Conti-based encryptor when their previous one works fine, PRODAFT may have the answer.
News URL
Related news
- Police arrest four suspects linked to LockBit ransomware gang (source)
- LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks (source)