2 min read

LockBit 3.0 Launches First Ransomware Bug Bounty Program, Adds New Features

Vlad CONSTANTINESCU

June 28, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
LockBit 3.0 Launches First Ransomware Bug Bounty Program, Adds New Features

The LockBit ransomware gang launched the third installment of its service, LockBit 3.0, introducing Zcash cryptocurrency payment options, new extortion tactics, and the first ransomware bug bounty program.

The notorious gang’s ransomware-as-a-service (RaaS) operation, active since 2019, recently received an overhaul after two months of beta testing. LockBit 3.0 seems to have been already used in attacks.

Developers also included some less obvious modifications. For instance, they adopted the new [id].README.txt naming format and gave up on the iconic Restore-My-Files.txt format. Any other under-the-hood modifications brought to LockBit’s internals (such as its encryptor) remain unknown.

The most intriguing part remains the debut of the first ransomware bug bounty program, launched in conjunction with LockBit 3.0. In it, the gang offers rewards ranging from $1,000 to $1 million in exchange for valid bug report submissions.

“We invite all security researchers, ethical and unethical hackers on the planet to participate in our bug bounty program,” according to LockBit 3.0’s bug bounty page. “The amount of remuneration varies from $1000 to $1 million.”

However, the operation’s bug bounty program is not limited to just finding vulnerabilities with the service. It also includes the following:

  • Web Site Bugs: finding website weak spots, including MySQL injections and XSS vulnerabilities, getting a shell on the website’s server
  • Locker Bugs: identifying flaws that would lead to corrupted files during encryption or vulnerabilities that would allow the decryption of files without the decryption key/tool
  • Brilliant Ideas: LockBit pays for ideas or suggestions that would help them improve their operation
  • Doxing: in exchange for identifying the affiliate program manager, LockBit offers $1 million in cryptocurrency
  • TOX Messenger: finding TOX messenger vulnerabilities, including those that would facilitate intercepting communications, running malware or detecting the IP addresses of interlocutors
  • Tor Network: finding vulnerabilities that would expose the IP address of the server hosting the website on the onion domain, get root access to servers, or dump the website’s database

Another new LockBit 3.0 feature is an extortion model that lets perpetrators buy stolen data leaked on the website. Perpetrators can purchase and retrieve the data directly or via Torrent, depending on its size.

Last but not least, the ransomware service embraced Zcash as a crypto payment option. LockBit previously accepted crypto payments in Bitcoin and Monero but Zcash is new on the list of options. Monero and Zcash are deemed privacy coins that are more difficult to trace than Bitcoin.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

US State Department Offers $10 Million Bounty for Tips on Conti Ransomware Members US State Department Offers $10 Million Bounty for Tips on Conti Ransomware Members
Alina BÎZGĂ

August 12, 2022

2 min read
Years after claiming DogWalk wasn't a vulnerability, Microsoft confirms flaw is being exploited and issues patch Years after claiming DogWalk wasn't a vulnerability, Microsoft confirms flaw is being exploited and issues patch
Graham CLULEY

August 11, 2022

1 min read
Creative scammers send their senior victim an Uber to take her to the bank Creative scammers send their senior victim an Uber to take her to the bank
Alina BÎZGĂ

August 11, 2022

2 min read