- LockBit’s data, including 60,000 Bitcoin addresses, was leaked by a hacker from Prague.
- The hackers exploited a PHP vulnerability to breach LockBit’s management platform.
- The platform claimed that no decryptors or critical data were stolen despite the breach.
One of the most notorious ransomware groups, LockBit, has reportedly been hacked, with its internal data leaked online. According to the blockchain security firm SlowMist, a hacker, presumed to be from Prague, exposed more than 60,000 Bitcoin addresses, along with 75 user credentials and ransom negotiation logs.
The breach also revealed access to a PHP-based management platform used by LockBit. According to SlowMist analysts, the hacker took advantage of a vulnerability in PHP to seize control of LockBit’s management system. This enabled them to obtain sensitive information, thus raising concerns regarding the group’s security measures.
LockBit Denies Major Data Loss
LockBit acknowledged the severity of the attack, but downplayed its impact. In an official statement, the group admitted the breach and confirmed that no decryptors were lost and the critical company data was not affected. Nevertheless, the platform admitted that the breach would damage the forum’s reputation.
Notably, the group stated that their source code was still safe even after the incident, and reported that recovery efforts were already in process. In an unprecedented step, the group even posted a bounty to identify the hacker, despite the U.S. government previously offering up to $15 million for information about LockBit operatives in the past.
This attack highlights the vulnerabilities of even the most recognized cybercriminal organizations. Although ransomware gangs are infamous for their abilities in cybersecurity, this event demonstrates that a system can be incapable of resisting hacks.
Related: Solana Fixes Critical Zero-Day Bug That Could Have Enabled Unlimited Token Theft
While the investigations are underway, it is unclear what additional damage has been done to LockBit’s operations. The leakage can hurt the group’s current operations, yet its final recovery chances remain unconfirmed. As law enforcement agencies continue to keep a close eye on the situation, LockBit’s future as one of the top ransomware groups now hangs in the balance.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
