Leaked LockBit 3.0 builder used by ‘Bl00dy’ ransomware gang in attacks

Lawrence Abrams reports:

The relatively new Bl00Dy Ransomware Gang has started to use a recently leaked LockBit ransomware builder in attacks against companies.

Last week, the LockBit 3.0 ransomware builder was leaked on Twitter after the LockBit operator had a falling out with his developer. This builder allows anyone to build a fully functional encryptor and decryptor that threat actors can use for attacks.

Threats

While Bl00dy Gang develops its ransomware, it appears they are also testing its communications and pressure tactics. This week, they seem to have decided to use mafia tactics with death threats. On September 28, they wrote:

*Bl00dy Gang message on Telegram, September 28.*

Concerning companies that choose not to cooperate and make payment be ready
We are not done with you yet
All employees lifes will be at risk
Ceo and family lives also will be at risk
untill we are paid Our Gunmen/Assassin sect will be on the hunt
We warned You
Activities concerning this sect is private

Cyber-Attack On Bectu’s Parent Union Sparks UK National Security Concerns
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm
John Bolton Indictment Provides Interesting Details About Hack of His AOL Account and Extortion Attempt
A business's cyber insurance policy included ransom coverage, but when they needed it, the insurer refused to pay. Why?
Scenes from a "No Kings" Protest, 10-18-25
No Kings. Not Today. Not Ever.

Threats

Related: