- Some cybersecurity researchers have noticed that the nefarious LockBit ransomware has updated the source code of its encryptor.
- The new encryptor of LockBit is named “LockBit Green”, and the reason behind this change is currently unknown.
- One of the speculations says that the reason behind this change might be the old Conti members who joined LockBit after it dissolved.
LockBit is a very active ransomware group, which is responsible for many attacks last year, including an attack on the Port of Lisbon, Wabtec, and many more. The group was also the subject of some interesting news such as getting counterattacked by a security company and apologizing after attacking a hospital.
Improvise, adapt, overcome
LockBit’s new encryptor “LockBit Green” has already hit five organizations
LockBit is constantly evolving and improving; they even launched a ransomware bug bounty program last year. Now, some security researchers found that the encryptor of LockBit ransomware is updated. According to the researchers, the new encryptor is named “LockBit Green”, and the reason for this change is currently unknown. Since version 3.0 worked as intended, there was no apparent reason to change it.
One of the speculations about the change is the old Conti hackers. Conti ransomware group was disbanded in mid-2022; some of the members joined LockBit after it. Those members might be more comfortable with their own code; that’s why they might have updated the LockBit encryptor as well.
There are five attacks in that LockBit utilized the new encryptor so far.