LockBit 3.0 introduces important novelties, including a bug bounty program

The LockBit ransomware operators released LockBit 3.0 with important novelties, including a bug bounty program and Zcash payments.

The Lockbit ransomware operation has released LockBit 3.0, which has important novelties such as a bug bounty program, Zcash payment, and new extortion tactics. The gang has been active since at least 2019 and today it is one of the most active ransomware gangs.

The new version 3.0 of the ransomware was already used in recent attacks.

The introduction of the bug bounty program made the headlines, it is the first ransomware gang asking cyber security experts to submit bugs in their malware to improve it.

The gang announced it is offering rewards ranging between $1,000 and $1 million.

“We invite all security researchers, ethical and unethical hackers on the planet to participate in our bug bounty program. The amount of remuneration varies from $1000 to $1 million,” reads the announcement of the bug bounty program made by the gang.

The ransomware gang will also reward “brilliant ideas” to improve its operations.

The $1 million rewards will be paid to those experts that will identify the affiliate manager LockBitSupp.

Another novelty is represented by the fact the gang now accepts Zcash for payments, along with Monero and Bitcoin, to protect their anonymity.

The LockBit 3.0 operation is also using a new extortion model that allows threat actors to buy data stolen from the victims during the attacks.

“The source code of the showcase site suggests the adoption of new modes of monetization of cyberattacks carried out with the LockBit 3.0 ransomware. Thus, everything seems ready so that it will soon become possible to pay the franchise to download stolen data – including in the form of a single BitTorrent file -, but also to “buy” more time before disclosing the data. , or to request the destruction of stolen data.” reads the post published by LeMagIT. “What give cybercriminals an additional chance to get paid by their victims when they do not want the decryption tool. This kind of request is not uncommon during negotiations.”

The experts noticed a JavaScript file that allows users to purchase data leaked on the site and download it also through a Torrent.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, LockBit 3.0)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.