"Zeppelin Ransomware Source Code Sold for $500 on Hacking Forum"

A threat actor named "RET" claims to have sold the source code and a cracked version of the Zeppelin ransomware builder for $500. The threat intelligence company KELA discovered the claim on a cybercrime forum. Although the offer's legitimacy has yet to be confirmed, screenshots from the seller suggest that the package is real. The buyer could use the malware to launch a new Ransomware-as-a-Service (RaaS) operation or create a new Zeppelin-based locker. Zeppelin stems from the Delphi-based Vega/VegaLocker malware family, which was active between 2019 and 2022. It was used in double-extortion attacks, and its operators demanded ransoms of up to $1 million. This article continues to discuss the alleged purchase of the source code and a cracked version of the Zeppelin ransomware builder.

Bleeping Computer reports "Zeppelin Ransomware Source Code Sold for $500 on Hacking Forum"

Submitted by grigby1