Lockbit Ransomware Hacked - Leaked Database Exposes Internal Chats

The database includes approximately 60,000 unique Bitcoin wallet addresses used for ransom payments, 4,442 negotiation messages between LockBit operators and their victims spanning from December to late April, and details of custom ransomware builds created for specific attacks. Visitors to LockBit’s dark web sites are now greeted with a defiant message: “Don’t do crime CRIME IS BAD xoxo from Prague,” alongside a link to download a file named “paneldb_dump.zip” containing a MySQL database dump. In a message posted on their leak site in Cyrillic text, the group claimed: “On May 7, they hacked the light panel with autoregistration for everyone, took the database, not a single decryptor and not a single stolen company data was affected”. For LockBit, which was responsible for approximately 44% of all ransomware incidents globally in early 2023, this breach represents a potentially devastating setback that could undermine affiliate trust and further hinder their operations. Security researchers have confirmed the authenticity of the leaked data, which contains a treasure trove of information about the ransomware operation. Alon Gal, Co-Founder and CTO at Hudson Rock, called the breach “a goldmine for law enforcement” that could significantly aid in tracing cryptocurrency payments and attributing attacks to specific threat actors. The breach resembles a recent attack against the Everest ransomware operation, which used an identical defacement message. The notorious LockBit ransomware operation has suffered a significant breach. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Researchers noted that many of its recent victim claims were recycled from earlier attacks or from other ransomware groups.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 08 May 2025 03:00:01 +0000


Cyber News related to Lockbit Ransomware Hacked - Leaked Database Exposes Internal Chats

10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
2 months ago Cybersecuritynews.com
U.S. Joins U.K. to Seize LockBit Site, Disrupt Massive Ransomware Variant - The U.S. Department of Justice has partnered with the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group. The LockBit ransomware group is one of the most active ...
1 year ago Americansecuritytoday.com LockBit
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
1 month ago Cybersecuritynews.com
Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit - For all its vaunted success, the LockBit ransomware operation appears to have already been beset by problems when an international law enforcement effort led by the UK's National Crime Agency shut it down this week. Though it's likely that the dozens ...
1 year ago Darkreading.com LockBit Ragnar Locker
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ...
1 year ago Krebsonsecurity.com LockBit
LockBit Ransomware Targets German Energy Agency Dena - Dena, the reputed German Energy Agency, is said to have fallen victim to the notorious LockBit ransomware group. The Dena cyberattack was revealed through a post on the threat actor's dark web platform, where they disclose data breach incidents and ...
1 year ago Heimdalsecurity.com LockBit
Police arrest four suspects linked to LockBit ransomware gang - Previous arrests of Lockbit ransomware actors (some of them already charged for various offenses) include Mikhail Pavlovich Matveev (aka Wazawaka) in May 2023, Artur Sungatov and Ivan Gennadievich Kondratiev (aka Bassterlord) in February 2024, and ...
7 months ago Bleepingcomputer.com LockBit
LockBit attacks continue via ConnectWise ScreenConnect flaws - Exploitation of two critical ConnectWise vulnerabilities continues to mount, with many attacks attributed to ransomware gangs such as LockBit. Last month, ConnectWise disclosed an authentication bypass vulnerability, tracked as CVE-2024-1708, that ...
1 year ago Techtarget.com CVE-2024-1708 CVE-2024-1709 LockBit
LockBit Ransomware Gang's Website Shut Down - The U.K. National Crime Agency's Cyber Division, the FBI and international partners have cut off ransomware threat actors' access to LockBit's website, which has been used as a large ransomware-as-a-service storefront. According to CISA, LockBit was ...
1 year ago Techrepublic.com LockBit
Copycat Criminals mimicking Lockbit gang in northern Europe - Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks started using Lockbit locker variants. During the past months, the Lockbit gang reached very high popularity in the underground ecosystem. The ...
2 years ago Securityaffairs.com LockBit
TeamViewer abused to breach networks in new ransomware attacks - Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. TeamViewer is a legitimate remote access tool used extensively in the ...
1 year ago Bleepingcomputer.com LockBit
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
11 months ago Bleepingcomputer.com LockBit Inc ransom Black Basta
Cops dismantled LockBit before latest variant hit market The Register - Law enforcement's disruption of the LockBit ransomware crew comes as the criminal group was working on bringing a brand-new variant to market, research reveals. As part of the daily LockBit leaks this week, Trend Micro's report on the group, ...
1 year ago Go.theregister.com LockBit
What is Lockbit Ransomware? The Most Essential Things You Need to Know - Lockbit ransomware is one of the latest malware threats to hit the cybersecurity world. It has been seen in several major ransomware attacks, including the attack on the software maker Nuance Communications. Lockbit is a particularly dangerous strain ...
2 years ago Tripwire.com LockBit
Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court | The Record from Recorded Future News - Since December, Justice Department officials have sought Panev’s extradition after a criminal complaint was unsealed last year accusing him of acting as a developer of the LockBit ransomware from 2019 to at least February 2024. The dual ...
1 month ago Therecord.media LockBit
WhatsApp Secret Code Feature Lets Users Set Unique Passwords - WhatsApp has announced the rollout of a new feature to safeguard sensitive conversations. The Secret Code feature provides additional protection to ensure users' private conversations remain secure and protected from unauthorized access. WhatsApp has ...
1 year ago Cybersecuritynews.com
Lockbit Ransomware Hacked - Leaked Database Exposes Internal Chats - The database includes approximately 60,000 unique Bitcoin wallet addresses used for ransom payments, 4,442 negotiation messages between LockBit operators and their victims spanning from December to late April, and details of custom ransomware builds ...
17 hours ago Cybersecuritynews.com Everest LockBit
Law enforcement trolls LockBit, reveals massive takedown - In an act of exquisite trolling, the UK's National Crime Agency has announced further details about its disruption of the LockBit ransomware group by using the group's own dark web website. Since the demise of Conti in 2022, LockBit has been ...
1 year ago Malwarebytes.com LockBit Cloak
The Impact of LockBits New ContiBased Encryptor on Ransomware - The LockBit ransomware gang has recently started using a new encryptor, called LockBit Green, which is based on the source code of the now-defunct Conti ransomware gang. This follows the gang's previous iterations of their encryptor, which began with ...
2 years ago Heimdalsecurity.com LockBit
LockBit claim about hacking U.S. Federal Reserve fizzles - The LockBit ransomware gang claimed it had breached the U.S. Federal Reserve, but it ultimately leaked data belonging to a single bank. On June 23, LockBit listed the U.S. Federal Reserve on its data leak site and claimed to have obtained roughly 33 ...
10 months ago Techtarget.com LockBit
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
LockBit lied: Stolen data is from a bank, not US Federal Reserve - Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the central bank of the United States. The tall claim was followed up with LockBit ...
10 months ago Bleepingcomputer.com LockBit
LockBit targets hospitals - We did not see much research released on ransomware this week, with most of the news focusing on new attacks and LockBit affiliates increasingly targeting hospitals. These attacks include ones against Yakult Australia and the Ohio Lottery by the new ...
1 year ago Bleepingcomputer.com 8base LockBit Dragonforce
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
1 year ago Bleepingcomputer.com LockBit Akira Noescape
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta

Cyber Trends (last 7 days)