Thanks for sharing. I'm one of the co-authors of the blog post. Let me know if you have any questions!
tl;dr: We analyzed a LockBit v3 variant, and rediscovered a bug that allows us to decrypt some data without paying the ransom. We also found a design flaw that may cause permanent data loss. Nothing's earth-shattering, but it should be a fun read if you're into crypto and security!
CasperH2O 6 days ago [-]
Respectfully, doesnt sharing this information ensure that whoever is behind LockBit can improve and fix it? Surely that isnt desirable?
TonyTrapp 6 days ago [-]
From the article:
> The crypto bug is already known to the malware author. We have observed newer variants where we can no longer take advantage of this bug.
nazgulsenpai 6 days ago [-]
I think the first few paragraphs of the article explain why analysis is worthwhile pretty succinctly.
j16sdiz 6 days ago [-]
I saw there is a decryption tools with the RSA decryption key.
How did they got those keys?
Rendered at 05:04:10 GMT+0000 (Coordinated Universal Time) with Vercel.
tl;dr: We analyzed a LockBit v3 variant, and rediscovered a bug that allows us to decrypt some data without paying the ransom. We also found a design flaw that may cause permanent data loss. Nothing's earth-shattering, but it should be a fun read if you're into crypto and security!
> The crypto bug is already known to the malware author. We have observed newer variants where we can no longer take advantage of this bug.
How did they got those keys?