Search
Close this search box.
A hooded figure in a dark, futuristic environment wears a mask illuminated with digital patterns. The background is filled with cascading lines of green code, creating a matrix-like atmosphere. The scene evokes a sense of mystery and advanced cybersecurity threats.

After the leak site shuts down, Knight ransomware source code is being sold.

A representative of the company is selling the purported source code for the third iteration of Knight ransomware to a single buyer on an online hacker forum.

A&nbsp, a re-brand of the Cyclops operation, was introduced as Knight ransomware at the end of July 2023. It was intended for Windows, macOS, and Linux/ESXi systems.

Because it offered info-snatchers and a “lite” version of its encryptor&nbsp to lower-tier affiliates who attacked smaller organizations, it gained some traction.

Threat analysts at the cyber-intelligence company KELA&nbsp noticed the advertisement two days ago that was posted on RAMP forums under the alias Cyclops and identified as a Knight ransomware gang representative.

Sale post on the RAMP forums
On the RAMP forums (KELA ), there is a sale post.

Cyclops writes in the post,” Selling the source code for Knight 3.0 ransomware, this will include the panel and locker source codes. &nbsp,

On November 5, 2023, Knight’s locker version 3.0 was made available, adding features like 40 % faster encryption, a rewritten ESXi module for add&nbsp, support for more recent hypervisor versions, and many more. &nbsp,

Version 3.0 release announcement
Announcement of Version 3.0’s release (KELA )

The threat actor emphasized that the source code would only be sold to one buyer, maintaining its value as a private tool, but he did not specify the ABSP or price.

According to Cyclops, trustworthy users would receive a deposit priority, and transactions would be guaranteed on the RAMP or XSS hacker forums.

For potential buyers to get in touch with and negotiate a final deal, the seller has posted contact information for Jabber and TOX messaging services.

The Jabber is new andnbsp, according to KELA, but the TOX ID listed on the forum post was previously associated with Knight, giving the sale legitimacy.

Knight’s representatives have not been active on any forums since December 2023, despite the fact that the motivation for selling the source code for Knight ransomware is still unknown.

The most recent victim was listed on February 8; the victim extortion portal for the ransomware operation is also currently offline. Knight asserted to have violated 50 organizations since July &nbsp, 2023.

The Knight ransomware operation appears to have been dormant for some time, according to KELA’s information, suggesting that the organization may be considering closing its doors and selling its assets.

Lean More About DoD Cybersecurity, Cyber Threats and Related Contents

Learn why IDShield offers the best security and value.

www.sentrypc.com

PureVPN - Best VPN and Your Trusted Partner for Internet Freedom

🔥BIG SAVINGS 82% Off PureVPN.🔥 Secure Your Online Privacy Now. LIMITED OFFER!

🔥 SAVE 82% OFF 🔥 on PureVPN! Limited Offer – Enhance Your Digital Security Today.
Click To View Offer on PureVPN Website

NordVPN - Your Passport to Unrestricted Freedom

Embrace Digital Freedom and Security with NordVPN.
🔥Up To 63% Off🔥

Start Today Your Journey to a Safer Internet Today!
Click To View Offer on NordVPN Website

Protect Your Data with DeleteMe the Go-To-Solution

DeleteMe is Your Guardian Against Identity Theft and Online Exposure!
🔥Take 20% Off - Click Here to View Code🔥
Malwarebytes Browser Guard filters out annoying ads and scams while blocking trackers that spy on you.
Malwarebytes for Home | Anti-Malware Premium | Free Trial Download
Try Ultahost - The best place to get secure, inexpensive shared web hosting services!
View deals and specials on Used Macs, Mac hardware, Mac accessories, and more. Shop now!

DoD Cybersecurity protecting your digital world one secure step at a time with DoD Cybersecurity Blogs.
DoDCybersecurityblogs.com | All Rights Reserved | Designed by Omar Solomon

Skip to content