Security News > 2023 > October > HelloKitty ransomware source code leaked on hacking forum
A threat actor has leaked the complete source code for the first version of the HelloKitty ransomware on a Russian-speaking hacking forum, claiming to be developing a new, more powerful encryptor.
A threat actor named Gookee has been previously associated with malware and hacking activity, attempting to sell access to Sony Network Japan in 2020, linked to a Ransomware-as-a-Service operation called 'Gookee Ransomware,' and trying to sell malware source code on a hacker forum.
Ransomware expert Michael Gillespie confirmed to BleepingComputer that this is the legitimate source code for HelloKitty used when the ransomware operation first launched in 2020.
While the release of ransomware source code can be helpful for security research, the public availability of this code does have its drawbacks.
As we saw when HiddenTear was released and Babuk ransomware source code was released, threat actors quickly used the code to launch their own extortion operations.
To this day, over nine ransomware operations continue using the Babuk source code as the basis for their own encryptors.