Zeppelin ransomware source code sold for $500 on hacking forum

A threat actor announced on a cybercrime forum that they sold the source code and a cracked version of the Zeppelin ransomware builder for just $500.

The post was spotted by threat intelligence company KELA, and while the legitimacy of the offer has not been validated, the screenshots from the seller indicate that the package is real.

Whoever bought the package could use the malware to spin up a new ransomware-as-a-service (RaaS) operation or write a new locker based on the Zeppelin family.

The seller of the Zeppelin source code and builder uses the handle 'RET' and clarified that they did not author the malware but simply managed to crack a builder version for it. RET added that they had acquired the package without a license.

"Where I got the builder without a license is my business. I just cracked the builder," the seller wrote in a reply to other members of the hacker forum.

The cybercriminal noted that they intended to sell the product to a single buyer and would freeze the sale until completing the transaction.

In November 2022, following the discontinuation of the Zeppelin RaaS operation, law enforcement and security researchers disclosed they had found exploitable flaws in Zeppelin's encryption scheme, allowing them to build a decrypter and help victims since 2020.

A user on the Zeppelin forum thread asks explicitly whether the new version has fixed the flaws in the cryptography implementation, to which the seller replies by saying that it's the second version of the malware that should no longer include the vulnerabilities.

Zeppelin is a derivative of the Delphi-based Vega/VegaLocker malware family that was active between 2019 and 2022. It was used in double-extortion attacks, and its operators sometimes asked for ransoms as big as $1 million.

Builds of the original Zeppelin ransomware were sold for up to $2,300 in 2021, after its author had announced a major update for the software.

The RaaS offered a relatively advantageous deal to affiliates, allowing them to keep 70% of the ransom payments, with 30% going to the developer.

In the summer of 2022, the Federal Bureau of Investigation (FBI) warned about a new tactic employed by Zeppelin ransomware operators involving multiple rounds of encryption.

Copyright 2003 - 2024 Bleeping Computer LLC. All Rights Reserved.