LockBit 3.0 Debuts with Ransomware Bug Bounty Program

  /     /     /  
Publicated : 23/11/2024   Category : security


LockBit 3.0 Debuts with Ransomware Bug Bounty Program


Lockbit 3.0 promises to Make Ransomware Great Again! with a side of cybercrime crowdsourcing.



The LockBit ransomware group just released its latest ransomware-as-a-service offering, LockBit 3.0, and along with it a first for the Dark Web: A bug-bounty program.
The bounty program offers up rewards for personal identifiable information (PII) on high-value targets, security exploits, and more, according to screen grabs of messages that appear to have been shared by
LockBit actors

We invite all security researchers, ethical and unethical hackers on the planet,  the group reportedly posted, offering payments for website bugs, locker bugs, TOX messenger exploits, and information to fuel doxxing campaigns, with payments starting at $1,000. The group is even willing to pay for fresh cybercrime ideas, the ad say. 
LockBit is on a roll. In the wake of 
Contis shutdown
, LockBit 2.0 emerged as the dominant
ransomware-as-a-service
group in May, with the dubious distinction of being behind 40% of all ransomware attacks during the month. LockBit operators seem poised to capitalize with a new, malicious twist on bug bounty programs. 
No Honor Among Ransomware Operators 
I wish this surprised me, Mike Parkin, senior technical engineer at Vulcan Cyber said in reaction to the LockBit bug-bounty launch. But malware gangs have reached a level of maturity that they are, literally, professionally run businesses. 
While the innovation is noteworthy as a development in the ransomware business, John Bambenek, principal threat hunter at Netenrich, said he doubts anyone would actually submit something and expect to collect the bounty. 
This development is different, however, I doubt they will get many takers, Bambenek said in a statement provided to Dark Reading. I know that if I find a vulnerability, I’m using it to put them in prison. If a criminal finds one, it’ll be to steal from them because there is no honor among ransomware operators. 

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
LockBit 3.0 Debuts with Ransomware Bug Bounty Program