The LockBit ransomware group has launched LockBit 3.0, a revamped version of its ransomware-as-a-service (RaaS) operation. Alongside it, the group introduced the first bug bounty program ever run by a ransomware gang and new extortion tactics, including Zcash as a payment option.
The bug bounty program
A few days ago, LockBit released the revamped RaaS operation after beta testing it for the past two months. The new version is already being used in attacks.
With LockBit 3.0, the group introduced its first bug bounty program, inviting researchers to submit bug reports in return for rewards between $1,000 and $1 million.
The bug bounty categories include website bugs (such as XSS and MySQL injection vulnerabilities), locker bugs (flaws in the ransomware encryptor itself), TOX messenger vulnerabilities, and Tor network vulnerabilities.
In addition, there is a mega bounty of $1 million in Bitcoin or Monero for anyone who doxes the affiliate program boss and provides his name to the LockBit operators via TOX messenger.
It is not yet known whether technical changes were made to the encryptor itself. The ransom note's name and format have changed, however: notes now follow the pattern [id].README[.]txt.
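The new ransom note naming pattern is the one concrete indicator the article gives, so here is a small detection helper written for this page (it is not LockBit code and not from the original article). It assumes, since the article does not say, that the [id] token is a short alphanumeric string with no dots in it, and it matches case-insensitively because NTFS is case-insensitive. The sample directory listing is constructed for the example, not taken from a real incident.

```python
import re
from pathlib import Path

# Pattern for LockBit 3.0 ransom notes: "<id>.README.txt".
# Assumption (not stated in the article): <id> is 4-32 alphanumeric
# characters and contains no dots. Matched case-insensitively because
# Windows file systems are case-insensitive.
RANSOM_NOTE_RE = re.compile(
    r"^(?P<id>[A-Za-z0-9]{4,32})\.README\.txt$", re.IGNORECASE
)


def match_ransom_note(filename: str):
    """Return the <id> token if filename looks like a LockBit 3.0 note, else None.

    A bare "README.txt" or a note with an extra trailing extension
    (e.g. ".bak") deliberately does not match.
    """
    m = RANSOM_NOTE_RE.match(filename)
    return m.group("id") if m else None


def find_ransom_notes(filenames):
    """Return {filename: id} for every entry in an iterable of file names
    that matches the ransom note pattern."""
    hits = {}
    for name in filenames:
        note_id = match_ransom_note(name)
        if note_id is not None:
            hits[name] = note_id
    return hits


def scan_directory(root):
    """Walk a real directory tree and return the matching notes.

    Convenience wrapper around find_ransom_notes for use on a host or
    a mounted image; only base names are inspected.
    """
    root = Path(root)
    return find_ransom_notes(p.name for p in root.rglob("*") if p.is_file())


# Constructed sample listing for the example; these are not real IoCs.
SAMPLE_LISTING = [
    "report.docx",
    "README.txt",                # ordinary readme, no id prefix
    "aB3dE9xQ.README.txt",       # matches the note pattern
    "backup.tar.gz",
    "AB3DE9XQ.readme.TXT",       # same pattern, different case
    "old.README.txt.bak",        # extra extension, should not match
]

if __name__ == "__main__":
    for name, note_id in find_ransom_notes(SAMPLE_LISTING).items():
        print(f"possible LockBit 3.0 ransom note: {name} (id {note_id})")
```

Because the id is captured, multiple hits sharing one id across a file share or image can be grouped to a single infection; a hit with a different id on the same host suggests a second encryption run. Tune the id length bounds if your own samples show a different token format.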
Zcash as a payment option
In another change, LockBit 3.0's negotiation and data leak sites now show an animated logo with cryptocurrency icons rotating around it.
The cryptocurrency icons presented in the animation include Bitcoin, Monero, and Zcash.
LockBit has accepted Bitcoin and Monero for ransom payments in the past; the addition of the Zcash icon most likely means Zcash is now accepted as well.
Zcash is a privacy coin: its shielded transactions are harder to trace than Bitcoin payments, and it is listed on the U.S. crypto exchange Coinbase, which makes it easier for victims to buy and use for ransom payments.
LockBit, one of the most active ransomware operations at present, now runs the first official bug bounty program for a RaaS operation, and its public-facing operators are openly trying to recruit external talent. This could draw a fresh pool of researchers and developers toward the operation with the promise of quick money.