LockBit, one of the well-known Ransomware-as-a-Service (RaaS) teams, suffered a severe safety breach that uncovered round 60,000 Bitcoin addresses.
On Could 8, blockchain safety agency SlowMist reported that hackers exploited a PHP 0-day or 1-day vulnerability to achieve unauthorized entry to LockBit’s backend techniques and admin console.
SlowMist identified that the hack resulted within the leak of a compressed file containing delicate knowledge. Different uncovered info from the breach consists of personal keys, inner chat information, and particulars of affiliated entities. The hackers left a message on the web site saying,
“Don’t do crime CRIME IS BAD crime is dangerous xoxo from Prague.”
LockBit, in a message with risk researcher Rey, stated that solely pockets addresses and chat logs had been revealed from the assault. The platform insisted that no decryptors or supply code had been stolen from the breach.
In the meantime, SlowMist, utilizing its Mistrack system, traced considered one of LockBit’s Bitcoin pockets addresses.
The agency reported that the transaction path appeared clear and led on to recognized crypto exchanges. This implies the attacker could have already tried to money out or launder the stolen funds.
LockBit presents bounty
LockBit has reportedly clarified that solely a light-weight administration panel had been breached. It emphasised that core instruments just like the locker builder, decryptors, and supply code remained safe.
Regardless of this declare, the breach marks a major blow to its prison credibility amongst associates and purchasers.
In a stunning twist, LockBit supplied a bounty for info on the hacker. The group claims the attacker could also be somebody known as “xoxo” based mostly in Prague.
The platform acknowledged:
“If you happen to can present correct and dependable details about this particular person’s identification — I’m keen to pay for it.”
This bounty supply comes with a touch of irony, as LockBit is a goal of a US authorities bounty program.
The US authorities accuse the group of executing over 2,500 ransomware assaults in additional than 120 international locations. Practically 1,800 of these victims had been reportedly based mostly in the USA.
The Division of Justice claims the LockBit group extorted greater than $500 million in ransom funds, with whole losses, factoring in restoration and downtime, reaching into the billions.
