- Buy Crypto
- Markets
Futures- Spot
- Copy Trade
- Earn
- More
LockBit ransomware gang gets hacked, 60K Bitcoin addresses leaked
By: bitcoin ethereum news|2025/05/08 20:00:06
0
Share
Ransomware group LockBit has been struck by a cyberattack that exposed its internal operations. Nearly 60,000 Bitcoin wallet addresses associated with the group’s activities have been leaked, along with thousands of victim communications and detailed records from its backend infrastructure. The breach, first noticed by cybercriminal researcher Rey late Wednesday, occurred at the end of April 2025. LockBit’s dark web affiliate panels were defaced, replaced by a message that read, “Don’t do crime. CRIME IS BAD xoxo from Prague,” with a link to a MySQL database dump titled “paneldb_dump.zip.” So LockBit just got pwned ... xD pic.twitter.com/Jr94BVJ2DM — Rey (@ReyXBF) May 7, 2025 “A basic analysis of the database indicates that the dump was created around April 29, suggesting that LockBit was compromised on or before that date and subsequently defaced on May 7,” confirmed Rey. Data exposure in panel dump According to Rey, citing an analysis from cybersecurity publication BleepingComputer, there were about 20 tables in the leaked database, including a ‘btc_addresses’ table that listed 59,975 unique Bitcoin wallet addresses connected to LockBit’s ransomware payments. Other notable data in the leak includes a ‘builds’ table, which details the ransomware payloads created by LockBit affiliates. The table includes public encryption keys and, in some cases, names of targeted companies. The ‘builds_configurations’ table showed which files or servers affiliates configured their attacks to avoid or encrypt, and several other operational tactics used in previous ransomware campaigns. As seen in one table dubbed ‘chats,’ there were over 4,400 negotiation messages between LockBit affiliates and victims, spanning from December 19, 2024, to April 29, 2025. pic.twitter.com/gjbtzQg9VM — Ransom-DB (@Ransom_DB) May 8, 2025 The dump also exposes a ‘users’ table listing 75 LockBit administrators and affiliates with access to the group’s backend panel. Security sleuths were shocked to discover that user passwords were stored in plaintext. Cybersecurity researcher Michael Gillespie mentioned some of the exposed passwords, including “Weekendlover69,” “MovingBricks69420,” and “Lockbitproud231.” LockBitSupp, a known operator of the LockBit group, confirmed in a Tox chat with Rey that the breach was real. Still, the operator insisted that no private keys or critical data had been lost. Response From LockBitSupp (This is a translated image): pic.twitter.com/l54g1A5hXz — Rey (@ReyXBF) May 7, 2025 Alon Gal, Chief Technology Officer at Hudson Rock, said the data also includes custom ransomware builds and some decryption keys. According to Gal, if verified, the keys could help some victims recover their data without paying ransoms. Exploiting server vulnerabilities An analysis of the SQL dump revealed the affected server was running PHP 8.1.2, a version vulnerable to a flaw identified as “CVE-2024-4577.” The vulnerability allows remote code execution, which explains how attackers were able to infiltrate and exfiltrate LockBit’s backend systems. Security professionals believe the style of the defacement message may link the incident to a recent breach of the Everest ransomware site, which used the same “CRIME IS BAD” phrasing. The similarity suggests that the same actor or group may be behind both incidents, though no clear attribution has been confirmed. The hackers behind the breach have not come forward, but Kevin Beaumont, a UK-based security outfit, said the group DragonForce could be responsible. “Somebody has hacked LockBit. I’m going to guess DragonForce,” he wrote on Mastodon. According to the BBC, DragonForce was allegedly involved in several cyberattacks on UK retailers, including Marks & Spencer, Co-op, and Harrods. In 2024, Operation Cronos, a UK-led multinational effort involving law enforcement agencies from ten countries, including the Federal Bureau of Investigation (FBI) temporarily stopped LockBit’s activities, although the group eventually resurfaced. The operation reportedly took down 34 servers, confiscated crypto wallets, and uncovered over 1,000 decryption keys. Law enforcement believes LockBit’s operators are based in Russia, a jurisdiction that would be hard to bring them to justice in. Ransomware gangs centre their operations within Russia’s borders because direct arrests are nearly impossible. Cryptopolitan Academy: Coming Soon – A New Way to Earn Passive Income with DeFi in 2025. Learn More Source: https://www.cryptopolitan.com/lockbit-ransomware-gang-hacked-60k-bitcoin/
You may also like
Particle Founder: The entrepreneurial insights I have gained the most from in the past year
Stop lean startup, stop lightning entrepreneurship, and think carefully about what your product aspirations are.
Huang Renxun's latest podcast transcript: The future of Nvidia, the development of embodied intelligence and agents, the explosion of inference demand, and the public relations crisis of artificial intelligence
The competition in the future is not just about whose model is larger or whose computing power is stronger, but also about who understands the industry better, who can embed AI more deeply into real processes, and who can organize these capabilities into a runnable and scalable system.
OKX Ventures Research Report: AI Agent Economic Infrastructure Research Report (Part 1)
The existing infrastructure is hostile to the Agent economy. Agents can think and act independently at the "capability level," but at the "economic level," they are still locked into infrastructure designed for humans.
The migration of settlement rights: B18 and the institutional starting point of on-chain banks
In the traditional system, banks decide the settlement; in the on-chain system, code begins to take over this responsibility.
From Tencent and Circle: Looking at the Simple and Difficult Questions of Investment
The AI narrative continues to ferment, but the recent performance of related stocks varies, with some in the midst of summer and others as if in winter.
The second half of stablecoins no longer belongs to the crypto circle
What Coinbase doesn't want, Mastercard is eager to buy.
Cursor "Shell" Kimi Controversy Reversed: From Copyright Infringement Allegations to Authorized Collaboration, China's Open Source Model Once Again Becomes a Global AI Foundation
Cursor was accused of being based on Kimi K2.5, which sparked controversy, and was later confirmed to be compliant through Fireworks AI due diligence.
The Real Reason Tokens Don't Sell: 90% of Crypto Projects Overlook Investor Relations
Provide an Investor Relations Best Practices Guide for Crypto Projects.
Is the income of pump.fun real, earning a million dollars a day despite the market downturn?
If it can really earn this much, what is the reason for the low price of $PUMP?
The real reason why tokens are not selling: 90% of crypto projects neglect investor relations
Investor Relations Practice Guide for Cryptocurrency Projects.
Who is the true winner of the "Tokenization" narrative?
Virtually everyone benefits, but the reason for the benefit, the timing, and the underlying logic are completely different.
Moss: The Era of AI-Traded by Anyone | Project Introduction
AI Trading Agent is rapidly growing its infrastructure.
Chip Smuggling Case Exposes Regulatory Loophole | Rewire News Evening Update
AI chips have become a strategic asset more sensitive than missiles
How a Structured AI Crypto Trading Bot Won at the WEEX Hackathon
Ritmex demonstrates how disciplined risk control and structured signals can make an AI crypto trading bot more stable and reliable on WEEX, highlighting the importance of combining execution discipline with scalable AI trading systems.
Old Indicator Fails, Three Major New Signals Emerge: BTC True Bottom May Still Be Below $60K
When the grocery shopping auntie on the subway, or Tony the hairdresser, start asking you about BTC, crypto, and cryptocurrency investments, selling immediately will be the only best option.
Meeting OpenClaw Founder at a Hackathon: What Else Can Lobsters Do?
Imperial College London MetaGame: AI Agent × Web3 Landing Three Major Directions.
Huang Renxun's Latest Podcast Transcript: NVIDIA's Future, Embodied Intelligence and Agent Development, Soaring Demand for Inferencing, and AI's PR Crisis
The future of competition is not only about whose model is bigger, whose computing power is stronger, but also about who understands the industry better, who can more deeply integrate AI into real processes, and who can organize these capabilities into a set of executable, scalable systems
How a Structured AI Crypto Trading Bot Won at the WEEX Hackathon
Crypto_Trade shows how structured inputs and controlled adaptability can build a more stable and reliable AI crypto trading bot within the WEEX AI Trading Hackathon, highlighting a practical path toward scalable AI trading systems.
Particle Founder: The entrepreneurial insights I have gained the most from in the past year
Stop lean startup, stop lightning entrepreneurship, and think carefully about what your product aspirations are.
Huang Renxun's latest podcast transcript: The future of Nvidia, the development of embodied intelligence and agents, the explosion of inference demand, and the public relations crisis of artificial intelligence
The competition in the future is not just about whose model is larger or whose computing power is stronger, but also about who understands the industry better, who can embed AI more deeply into real processes, and who can organize these capabilities into a runnable and scalable system.
OKX Ventures Research Report: AI Agent Economic Infrastructure Research Report (Part 1)
The existing infrastructure is hostile to the Agent economy. Agents can think and act independently at the "capability level," but at the "economic level," they are still locked into infrastructure designed for humans.
The migration of settlement rights: B18 and the institutional starting point of on-chain banks
In the traditional system, banks decide the settlement; in the on-chain system, code begins to take over this responsibility.
From Tencent and Circle: Looking at the Simple and Difficult Questions of Investment
The AI narrative continues to ferment, but the recent performance of related stocks varies, with some in the midst of summer and others as if in winter.
The second half of stablecoins no longer belongs to the crypto circle
What Coinbase doesn't want, Mastercard is eager to buy.
App