Oh, my dear, it’s a pity, it’s okay.
Yes, it’s hard to feel too much sympathy when a group of cybercriminals who ransom millions of dollars from innocent victims find themselves dealing with their own cybersecurity issues.
That’s what happened to the infamous Lockbit ransomware gang, which has enjoyed its own medicine.
The infamous ransomware as a service (RAAS) operation has been lagging behind some of the most compelling ransomware attacks in history, which itself has been compromised and secretly radiated for anyone to see.
Earlier this week, attackers violated the infrastructure of the Lockbit Group, defaming its interface used by branches and exposing Aladdin’s sensitive data caves, a major blow to one of the most prolific ransom software operations in recent years.
As Angry computer A threat actor known as “Rey” found that Lockbit’s membership panel had been defiled and replaced with a link to the SQL database.
In addition to leaking the link to the database, a message left by the attacker reads:
“Don’t do crime is the bad Xoxo in Prague”
The downloadable SQL database contains sensitive information about criminal gang activities, including negotiations between Lockbit and its victims, victim profiles (including their estimated revenue), Bitcoin addresses associated with Lockbit, possible decryption keys, custom ransomware builds, and 75 Admins and 75 Bishops and chapter members.
The data reportedly appears to cover the activity of the ransomware group, from December 2024 to the end of last month.
Apparently, Lockbit’s own cybersecurity was found to be as vulnerable as its company victims. This not only embarrasses Lockbit, but it can have far-reaching consequences for its members and branches. Cybersecurity researchers and law enforcement agencies will be eager to dig out leaked information to see their reveals about Lockbit’s activities and strategies if it will help identify the gang’s branches and could further undermine its operations.
Perhaps most importantly, violations like this undermine Lockbit’s credibility, with its current and potential future collaborators set to be placed in the group. Violations like this have damaged Lockbit’s reputation and may prevent future branches from ties with the organization as they fear exposure or arrest.
The latest news about Lockbit has lasted for the most difficult period in recent months. For example, in October last year, Europol announced a series of arrests and seizures of servers used by the group.
Bounty up to $15 million is provided for the identification or location of key figures in the Lockbit gang and arrest and/or arrest and/or conviction of anyone involved in ransomware activities.
Editor’s Note: The opinions expressed in this guest author’s article are only the views of the writer and do not necessarily reflect Ford’s opinions.
