The source code of the Hello Kitty ransomware, best known for breaching and stealing data from video game developer CD Projekt Red, has been leaked on a Russian-language cybercrime forum.
The source code was leaked by a threat actor known online as kapuchin0 and Gookie who said in a blog post that they are “preparing a new product and much more interesting than LockBit.”
The leaked zip archive includes a Microsoft Visual Studio project that can be used to create the Hello Kitty encryptor and decryptor. Citing security expert Michael Gillespie, BleepingComputer reported that the released source code is the legitimate 2020 HelloKitty version used when the ransomware operation was first launched.
The gang behind the Hello Kitty ransomware uses aggressive tactics such as double extortion to pressure victims into paying a ransom. In some cases, if the victim does not respond quickly or fails to pay the ransom, the threat actors will launch a Distributed Denial of Service (DDoS) attack on the victim company’s public-facing website.