Home / os / symbian

Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow

Posted on 04 July 2022

Lockbit ransomware version 3.0 apparently now requires a password to execute as noted by "@vxunderground", but does not properly check bounds for both the -pass and -k arguments. Supplying a long string of characters for either flag will trigger a unicode stack buffer overflow overwriting the ECX register and structured exception handler (SEH).

 

TOP