Security News > 2023 > August > LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants
The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to spawn new variants.
Russian cybersecurity company Kaspersky said it detected a ransomware intrusion that deployed a version of LockBit but with a markedly different ransom demand procedure.
"When a ransomware is successful out in the wild, it is common to see cybercriminals use the same ransomware samples - slightly tweaking their codebase - to pilot other projects," security researcher Rakesh Krishnan said.
The development also comes amid a record surge in ransomware attacks, with the Cl0p ransomware group having breached 1,000 known organizations by exploiting flaws in MOVEit Transfer app to gain initial access and encrypt targeted networks.
What's more, according to Sophos 2023 Active Adversary Report, the median dwell time for ransomware incidents dropped from nine days in 2022 to five days in the first half of 2023, indicating that "Ransomware gangs are moving faster than ever."
"Nearly half of ransomware attacks were detected on either Friday or Saturday."
News URL
https://thehackernews.com/2023/08/lockbit-30-ransomware-builder-leak.html
Related news
- Police arrest four suspects linked to LockBit ransomware gang (source)
- LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks (source)