Ransomware

Sale of Zeppelin ransomware source code, cracked builder touted

Zeppelin ransomware had source code and cracked builder declared to be sold for only $500 by the threat actor using "RET" as their handle, BleepingComputer reports. In a post on a hacking forum identified by threat intelligence firm KELA, RET emphasized that they were only able to crack a builder iteration of the ransomware. Such a package, which has been obtained without a license, was meant to be sold to a single buyer, with the sale being frozen until the transaction's completion, according to RET. While the Zeppelin ransomware-as-a-service operation's disruption in November 2022 resulted in the development of a decryption tool that leveraged vulnerabilities in the ransomware encryption process, RET noted in a reply to a hacking forum user that the package they have been selling is free from the flaws as it is already a newer iteration of the ransomware. Such a development indicates the possible emergence of a new RaaS operation or Zeppelin-based locker.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds