BleepingComputer reports that recent attacks by the newly emergent Bl00dy Ransomware Gang involved the use of the LockBit 3.0 ransomware builder that leaked last week following a falling out between a LockBit operator and his developer.
Bl00dy Ransomware Gang, which was initially discovered to attack New York-based medical and dental practices in May, was identified by cybersecurity researcher Vladislav Radetskiy to have used a new encryptor in an attack against a Ukrainian entity.
While the email included in the encryptor has befuddled experts regarding its origin, MalwareHunterTeam later discovered that the leaked LockBit 3.0 ransomware builder had been used as the basis for the encryptor.
Further testing by BleepingComputer showed that the extensions used in the new builder indicated the time when the encryptor was created, while file names in the ransom note resembled those by LockBit although certain customizations in text and contact information had been done by the Bl00dy Ransomware Gang.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds