1 month ago
“Don’t bash transgression CRIME IS BAD xoxo from Prague,” the hackers wrote arsenic they gave the LockBit ransomware pack a sensation of their ain medicine.
Almost 60,000 Bitcoin addresses tied to LockBit’s ransomware infrastructure were leaked aft hackers breached the group’s acheronian web affiliate panel.
The leak included a MySQL database dump shared publically online. It contained crypto-related accusation that could assistance blockchain analysts hint the group’s illicit fiscal flows.
Ransomware is simply a type of malware utilized by malicious actors. It locks its target’s files oregon machine systems, making them inaccessible. The attackers typically request a ransom payment, often successful integer assets similar Bitcoin (BTC), successful speech for a decryption cardinal to unlock the files.
LockBit is 1 of the astir notorious crypto ransomware groups. In February 2024, 10 countries launched a associated cognition to disrupt the group, saying that the enactment had caused billions successful damages to cardinal infrastructure.
Source: ReyXBFNo Bitcoin backstage keys leaked
While astir 60,000 Bitcoin wallets were leaked, nary backstage keys were included. One X idiosyncratic shared a speech with a LockBit operator, confirming the breach. However, the LockBit idiosyncratic said nary backstage keys oregon information were lost.
Despite this, analysts astatine Bleeping Computer said the database contained 20 tables, including a “builds” table. This included idiosyncratic ransomware builds created by the organization’s affiliates. The information besides identified immoderate of the people companies for the builds.
In addition, the leaked database besides included a “chats” table. This array contained implicit 4,400 dialog messages betwixt victims and the ransomware organization.
Related: Crypto transgression successful 2024 apt exceeded $51B, acold higher than reported: Chainalysis
LockBit hack tied to Everest ransomware breach
It’s unclear who was down the breach and however they got into LockBit’s operations, but Bleeping Computer analysts said the connection utilized successful the Everest ransomware tract breach matched the 1 utilized successful LockBit. The analysts suggested that determination whitethorn beryllium a nexus betwixt the 2 incidents.
The breach highlighted the relation that crypto plays successful the ransomware economy. Each unfortunate is usually assigned an code to wage their ransom, allowing the affiliates to show payments portion attempting to obscure ties to their main wallets.
The vulnerability of the addresses allows instrumentality enforcement and blockchain investigators to way patterns and perchance nexus past ransom payments to known wallets.
English (US) 