Virtually 60,000 Bitcoin addresses tied to LockBit’s ransomware infrastructure have been leaked after hackers breached the group’s darkish net affiliate panel.
The leak included a MySQL database dump shared publicly on-line. It contained crypto-related info that might assist blockchain analysts hint the group’s illicit monetary flows.
Ransomware is a type of malware utilized by malicious actors. It locks its goal’s information or laptop programs, making them inaccessible. The attackers sometimes demand a ransom fee, usually in digital belongings like Bitcoin (BTC), in trade for a decryption key to unlock the information.
LockBit is without doubt one of the most infamous crypto ransomware teams. In February 2024, 10 international locations launched a joint operation to disrupt the group, saying that the group had caused billions in damages to key infrastructure.
No Bitcoin non-public keys leaked
Whereas virtually 60,000 Bitcoin wallets have been leaked, no non-public keys have been included. One X person shared a dialog with a LockBit operator, confirming the breach. Nonetheless, the LockBit particular person stated no non-public keys or knowledge have been misplaced.
Regardless of this, analysts at Bleeping Laptop stated the database contained 20 tables, together with a “builds” desk. This included particular person ransomware builds created by the group’s associates. The info additionally recognized a few of the goal firms for the builds.
As well as, the leaked database additionally included a “chats” desk. This desk contained over 4,400 negotiation messages between victims and the ransomware group.
Associated: Crypto crime in 2024 likely exceeded $51B, far higher than reported: Chainalysis
LockBit hack tied to Everest ransomware breach
It’s unclear who was behind the breach and the way they obtained into LockBit’s operations, however Bleeping Laptop analysts stated the message used within the Everest ransomware website breach matched the one utilized in LockBit. The analysts advised that there could also be a hyperlink between the 2 incidents.
The breach highlighted the position that crypto performs within the ransomware financial system. Every sufferer is normally assigned an handle to pay their ransom, permitting the associates to observe funds whereas trying to obscure ties to their most important wallets.
The publicity of the addresses permits legislation enforcement and blockchain investigators to trace patterns and probably hyperlink previous ransom funds to identified wallets.
Journal: Adam Back says Bitcoin price cycle ’10x bigger’ but will still decisively break above $100K
