Lockbit ransomware gang creates first malicious bug bounty program

by | Jun 27, 2022 | Technology


Today, the Lockbit ransomware gang announced the launch of Lockbit 3.0, a new ransomware-as-a-service offering and a bug bounty program. 

According to Lockbit’s leak site, under the bug bounty program the gang will pay “all security researchers, ethical and unethical hackers” to provide Personally Identifiable Information (PII) on high-profile individuals and web exploits, in exchange for remuneration ranging from $1,000 to $1 million.

The development comes shortly after the notorious Conti ransomware group disbanded, and as Lockbit is becoming one of the most prolific ransomware gangs in operation, accounting for almost half of all known ransomware attacks in May 2022. 

What a malicious bug bounty program means for the threat landscape 

Lockbit’s malicious inversion of the concept of legitimate bug bounty programs popularized by providers like Bugcrowd and HackerOne, which incentivize security researchers to identify vulnerabilities so they can be fixed, highlights how malicious threats are evolving.

“With the fall of the Conti ransomware group, LockBit has positioned itself as the top ransomware group operating today based on its volume of attacks in recent months. The release of LockBit 3.0 with the introduction of a bug bounty program is a formal invitation to cybercriminals to help assist the group in its quest to remain at the top,” said Senior Staff Research Engineer at Tenable, Satnam Narang. 

For LockBit, enlisting the help of researchers and criminals across the dark web has the potential not only to identify potential targets, but to secure its leak sites against law enforcement. 

“A key focus of the bug bounty program are defensive measures: preventing security researchers and law enforcement from finding bugs in its leak sites or ransomware, identifying ways that members including the affiliate program boss could be doxed, as well as funding bugs within the messaging software used by the group for internal communications and the Tor network itself,” Narang said. 

The writing on the wall is that Lockbit’s adversarial approach is about to get much more sophisticated. “Anyone that still doubts cybercriminal gangs have reached a …
