Hacker News new | ask | show | jobs
by cryptbe 779 days ago
Thanks for sharing. I'm one of the co-authors of the blog post. Let me know if you have any questions!

tl;dr: We analyzed a LockBit v3 variant, and rediscovered a bug that allows us to decrypt some data without paying the ransom. We also found a design flaw that may cause permanent data loss. Nothing's earth-shattering, but it should be a fun read if you're into crypto and security!
1 comments
CasperH2O 779 days ago
Respectfully, doesnt sharing this information ensure that whoever is behind LockBit can improve and fix it? Surely that isnt desirable?
link
TonyTrapp 779 days ago
From the article:

> The crypto bug is already known to the malware author. We have observed newer variants where we can no longer take advantage of this bug.

link
nazgulsenpai 779 days ago
I think the first few paragraphs of the article explain why analysis is worthwhile pretty succinctly.
link