Search

LockBit Ransomware Group Reportedly Suffers Data Breach, Extortion Tactics Revealed

LockBit group’s admin and affiliate panels were reportedly defaced and replaced with a message and link to MySQL database.

Advertisement
Highlights
  • The panels said to show the message “Don’t do crime[.]Crime is bad”
  • The MySQL database dump reportedly contains twenty tables
  • It also shows negotiation messages between LockBit and victims
LockBit Ransomware Group Reportedly Suffers Data Breach, Extortion Tactics Revealed

As many as 75 admin and affiliate names were also listed in a “users” table

Photo Credit: Unsplash/Desola Lanre-Ologun

LockBit, the notorious ransomware group, reportedly suffered a massive data breach on Wednesday. As per the report, the group's dark web platform's admin and affiliate panels were compromised to show a message and link to a MySQL database dump. The database reportedly contains 20 tables that include sensitive information around the cybercriminal group's affiliate network, extortion tactics, details around malware builds, as well as nearly 60,000 Bitcoin addresses. Notably, this is the second time the ransomware group has been hacked, with the previous attack occurring in 2024.

LockBit Hack Reveal Insights Into The Gang's Workings

The data breach was first spotted by X (formerly known as Twitter) user Rey, who posted a screenshot of the admin panel. All of the admin and affiliate panels were reportedly taken over to display the message, “Don't do crime[.]CRIME IS BAD xoxo from Prague.” The text is followed by the MySQL link "paneldb_dump.zip."

According to a BleepingComputer report, the link leads to a MySQL file containing a massive database. The data reportedly features 20 different tables, where some tables revealed information about how the ransomware group functioned, as well as its malware builds.

One of the tables, labelled “btc_addresses,” reportedly features as many as 59,975 unique Bitcoin addresses. Another “builds” table is said to feature individual malware builds that were created by the group's affiliates. These are said to be different versions of the same ransomware that the group used to attack others. Some of the builds reportedly also mentioned the names of the targeted companies. This table is also said to feature public keys to the builds, but no private keys. Private keys are necessary to access the ransomware.

Apart from this, the database reportedly featured a “builds_configurations” that revealed information about different configurations used for each version of the malware. The most interesting information, however, was reportedly contained in the “chats” table.

The table is said to contain 4,442 negotiation messages between the LockBit ransomware operators and victims. The messages reportedly were dated between December 19, 2024 and April 29. This list highlighted different extortion techniques used by the gang.

Further, a “users” table reportedly revealed the names of 75 admins and affiliates of the group. These names were said to belong to individuals who had access to the panels. Additionally, the table also contained passwords used by the admins in plaintext.

In a separate post, Rey shared a conversation with a LockBit operator, who goes by the username “LockBitSupp”, confirming the data breach. The operator stated that the source code of the ransomware and private keys were not lost during the hack. The group or individual behind the LockBit hack is currently not known.

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

 
Show Full Article
Please wait...
Advertisement
Popular Mobile Brands
  1. OnePlus Nord 5 and Nord CE 5 Colour Options, Key Features Leaked
  2. Nothing Phone 3 to Be Equipped With the Snapdragon 8s Gen 4 SoC
  3. Samsung Galaxy M36 5G to Launch in India Soon; Design, Price Range Teased
  4. Poco F7 5G to Launch in India and Global Markets on This Date
  5. Trump Mobile T1 Phone With 5,000mAh Battery Announced; See Price, Features
  1. Nintendo Direct Livestream Featuring Donkey Kong Bananza Announced for June 18
  2. Amazfit Active 2 Square Debuts With 1.75-Inch AMOLED Display and Up to 10 Days Battery Life
  3. Samsung’s Exynos 2500 SoC Confirmed to Feature Satellite Connectivity Ahead of Galaxy Z Flip 7 Launch
  4. Nothing Phone 3 Confirmed to Come With Snapdragon 8s Gen 4 SoC Ahead of July 1 Launch
  5. Samsung Galaxy M36 5G India Launch Teased; Rear Design and Price Range Revealed
  6. Reddit Unveils Reddit Community Intelligence, Its Suite of AI-Powered Ad Tools for Enterprises
  7. Sony Bravia 8 II QD-OLED TV Series With Acoustic Surface+ Audio, Studio Calibrated Mode Launched in India
  8. Asus Unveils Refreshed Vivobook S16, S16 OLED Laptops in India Alongside Vivobook S14: Price, Features
  9. Apple Watch Ultra 3 Said to Launch This Year; Product Roadmap for Next Three Years Leaked
  10. Google Unveils India-Focused Safety Charter, Shares How It Is Using AI to Combat Online Frauds and Scams
Gadgets 360 is available in
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.
Trending Products »
Latest Tech News »