"DragonForce Ransomware Group Uses LockBit's Leaked Builder"

"DragonForce," a new ransomware strain, uses a leaked LockBit builder. The cybercriminal group used a ransomware binary based on a leaked LockBit Black builder, according to Cyble. Cyble reported its findings after examining DragonForce's activity for months. LockBit Black is the third LockBit ransomware version. A disgruntled developer leaked it six months after its March 2022 release. After that, LockBit admins launched LockBit Green, which was later revealed to be a rebranded version of a Conti encryptor. Operation Cronos, an international law enforcement operation, took down LockBit's infrastructure in February 2024, but the LockBit Black builder remains available. After noticing striking similarities in the code structure and functions of its ransomware payload and LockBit Black, Cyble researchers concluded that DragonForce has been using the leaked builder to develop its toolset. This article continues to discuss findings regarding the DragonForce ransomware group,

Infosecurity Magazine reports "DragonForce Ransomware Group Uses LockBit's Leaked Builder"

Submitted by grigby1