• Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
What's Hot

Ninja Artisan electric outdoor pizza oven and air fryer review: Easy as pie

July 4, 2025

Apple Mulled Entering the Cloud Wars With an AWS Competitor

July 4, 2025

Apple Will Make Joining Public Wi-Fi Networks Easier in iOS 26

July 3, 2025
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
Behind The ScreenBehind The Screen
Home»Security»Lockbit ransomware gang creates first malicious bug bounty program
Security

Lockbit ransomware gang creates first malicious bug bounty program

June 28, 2022No Comments4 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Lockbit ransomware gang creates first malicious bug bounty program
Share
Facebook Twitter LinkedIn Pinterest Email

We’re excited to convey Rework 2022 again in-person July 19 and nearly July 20 – 28. Be part of AI and information leaders for insightful talks and thrilling networking alternatives. Register at the moment!


Immediately, the Lockbit ransomware gang introduced the launch of Lockbit 3.0, a brand new ransomware-as-a-service providing and a bug bounty program. 

In accordance with Lockbit’s leak web site, as a part of the bug bounty program, the cyber gang can pay all safety researchers, moral and unethical hackers” to offer Personally Identifiable Info (PII) on high-profile people and internet exploits in change for remuneration starting from $1,000 to $1 million.  

The event comes shortly after the infamous Conti ransomware group disbanded, and as Lockbit is changing into one of the crucial prolific ransomware gangs in operation, accounting for nearly half of all known ransomware attacks in Might 2022. 

What a malicious bug bounty program means for the risk panorama 

Lockbit’s malicious inversion of the idea of reliable bug bounty applications popularized by suppliers like Bugcrowd and HackerOne, which incentivize safety researchers to determine vulnerabilities to allow them to be fastened, highlights how malicious threats are evolving.

“With the autumn of the Conti ransomware group, LockBit has positioned itself as the highest ransomware group working at the moment based mostly on its quantity of assaults in current months. The discharge of LockBit 3.0 with the introduction of a bug bounty program is a proper invitation to cybercriminals to assist help the group in its quest to stay on the high,” stated Senior Employees Analysis Engineer at Tenable, Satnam Narang. 

See also  Meta launches a Threads beta program for Android

For LockBit, enlisting the assistance of researchers and criminals throughout the darkish internet has the potential not solely to determine potential targets, however to safe its leak websites in opposition to legislation enforcement. 

“A key focus of the bug bounty program are defensive measures: stopping safety researchers and legislation enforcement from discovering bugs in its leak websites or ransomware, figuring out ways in which members together with the associates program boss could possibly be doxed, in addition to funding bugs inside the messaging software program utilized by the group for inside communications and the Tor community itself,” Narang stated. 

The writing on the wall is that Lockbit’s adversarial strategy is about to get far more subtle.  “Anybody that also doubts cybercriminal gangs have reached a stage of maturity that rivals the organizations they aim could have to reassess,” stated Senior Technical Engineer at Vulcan Cyber, Mike Parkin.

What concerning the potential drawbacks for Lockbit? 

Whereas searching for exterior assist has the potential to boost Lockbit’s operations, others are skeptical that different risk actors will take part in sharing info that they may exploit to realize entry to focus on organizations. 

On the similar time, many reliable researchers could double their efforts to seek out vulnerabilities within the group’s leak web site. 

“This growth is totally different, nonetheless, I doubt they may get many takers. I do know that if I discover a vulnerability, I’m utilizing it to place them in jail. If a felony finds one, it’ll be to steal from them as a result of there isn’t a honor amongst ransomware operators,” stated Principal Menace Hunter at Netenrich, John Bambenek. 

See also  Howard University suffers cyberattack, suspends online classes in aftermath

How can organizations reply? 

If risk actors do have interaction in sharing info with Lockbit in change for a reward, organizations must be far more proactive about mitigating dangers of their atmosphere.  

On the very least, safety leaders ought to assume that any people with information of vulnerabilities within the software program provide chain shall be tempted to share them with the group. 

“This could have each enterprise trying on the safety of their inside provide chain, together with who and what has entry to their code, and any secrets and techniques in it. Unethical bounty applications like this flip passwords and keys in code into gold for everyone who has entry to your code,” stated Head of Product and Developer Enablement at BluBracket, Casey Bisson.
Over the following few weeks, vulnerability administration needs to be a high precedence, ensuring that there are not any potential entry factors in inside or exterior dealing with belongings that potential attackers may exploit.

Source link

bounty bug creates gang LockBit Malicious Program ransomware
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Bug in macOS and iOS updates re-enables Apple Intelligence for some refuseniks

February 11, 2025

Apple refused to pay bounty to Kaspersky for uncovering vulnerability in ‘Operation Triangulation’

June 9, 2024

Apple working on fix for bug causing iPhone alarms to not play sounds

April 30, 2024

Apple Adds M3 Macs to Its Do-It-Yourself Repair Program

March 2, 2024
Add A Comment

Comments are closed.

Editors Picks

Premium Now Costs $23 a Month

October 21, 2023

Two galaxies collide in image from Gemini North telescope

August 13, 2022

My Hero Ultra Rumble is coming west

July 2, 2022

Laifen Wave electric toothbrush review

March 5, 2024

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Ninja Artisan electric outdoor pizza oven and air fryer review: Easy as pie

Apple Mulled Entering the Cloud Wars With an AWS Competitor

Apple Will Make Joining Public Wi-Fi Networks Easier in iOS 26

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2025 behindthescreen.fr - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.