5 hours ago
LockBit, 1 of the astir well-known Ransomware-as-a-Service (RaaS) groups, suffered a superior information breach that exposed astir 60,000 Bitcoin addresses.
On May 8, blockchain information steadfast SlowMist reported that hackers exploited a PHP 0-day oregon 1-day vulnerability to summation unauthorized entree to LockBit’s backend systems and admin console.
SlowMist pointed retired that the hack resulted successful the leak of a compressed record containing delicate data. Other exposed accusation from the breach includes backstage keys, interior chat records, and details of affiliated entities. The hackers near a connection connected the website saying,
“Don’t bash transgression CRIME IS BAD transgression is atrocious xoxo from Prague.”
LockBit, successful a connection with menace researcher Rey, said that lone wallet addresses and chat logs were published from the attack. The level insisted that nary decryptors oregon root codification were stolen from the breach.
Meanwhile, SlowMist, utilizing its Mistrack system, traced 1 of LockBit’s Bitcoin wallet addresses.
The steadfast reported that the transaction way appeared wide and led straight to known crypto exchanges. This suggests the attacker whitethorn person already attempted to currency retired oregon launder the stolen funds.
LockBit offers bounty
LockBit has reportedly clarified that lone a lightweight absorption sheet had been breached. It emphasized that halfway tools similar the locker builder, decryptors, and root codification remained secure.
Despite this claim, the breach marks a important stroke to its transgression credibility among affiliates and clients.
In a astonishing twist, LockBit offered a bounty for accusation connected the hacker. The radical claims the attacker whitethorn beryllium idiosyncratic called “xoxo” based successful Prague.
The level stated:
“If you tin supply close and reliable accusation astir this person’s individuality — I’m consenting to wage for it.”
This bounty connection comes with a hint of irony, arsenic LockBit is simply a people of a US authorities bounty program.
The US authorities accuse the radical of executing implicit 2,500 ransomware attacks successful much than 120 countries. Nearly 1,800 of those victims were reportedly based successful the United States.
The Department of Justice claims the LockBit radical extorted much than $500 cardinal successful ransom payments, with full losses, factoring successful betterment and downtime, reaching into the billions.
The station LockBit breach exposes 60,000 Bitcoin addresses, offers bounty for hacker’s identity appeared archetypal connected CryptoSlate.
English (US) 