🎁 Ace quick missions & earn crypto rewards while gaining real-world Web3 skills. JOIN NOW! 🔥

LockBit Hacked: 60,000 Bitcoin Addresses and 4,400 Ransom Chats Go Public

Key Takeaways

  • ​Hackers leaked LockBit’s MySQL database and exposed nearly 60,000 Bitcoin addresses linked to ransom activities;
  • The database included ransomware builds, victim negotiations, and clues for tracking LockBit’s past crypto transactions;
  • Similarities to a past Everest ransomware hack suggest the same attacker or group may be responsible for both breaches.

Ace quick missions & earn crypto rewards while gaining real-world Web3 skills. Participate Now ! 🔥

LockBit Hacked: 60,000 Bitcoin Addresses and 4,400 Ransom Chats Go Public

Hackers managed to break into the LockBit ransomware group's dark web affiliate site and publicly release a copy of its internal MySQL database, according to Bleeping Computer.

The files contained nearly 60,000 Bitcoin BTC $99,096.39 addresses, which experts believe are linked to the group’s ransom payments.

While no private keys were part of the leak, the exposed information could help blockchain investigators follow the trail of LockBit’s past transactions.

Where to Trade Crypto: 3 Best Approaches Explained (Animated)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

The leaked database contained twenty different tables. One, named "builds", listed ransomware files created by LockBit’s partners, along with possible intended targets. Another, labeled "chats", included more than 4,400 negotiation messages between the group and its victims.

These records showed conversations about ransom amounts, payment terms, and proof that stolen data would be deleted after a deal.

After the leak, an X user shared a conversation with an individual claiming to represent LockBit. The person confirmed that the group’s affiliate panel had been hacked but said that no private keys or critical data had been taken.

Analysts from BleepingComputer also pointed out that the message shown on LockBit’s hacked site was almost identical to one seen during a previous attack on the Everest ransomware group. This raised the idea that the same hacker, or a connected group, could be behind both incidents.

Meanwhile, Google Threat Intelligence reported a new malware called LOSTKEYS used by the hacking group COLDRIVER. How does the malware do? Read the full story.

Aaron S. Editor-In-Chief
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.

Loading...
binance
×
Verified

$600 WELCOME BONUS

Earn Huge Exclusive Binance Learners Rewards
5.0 Rating