Published 2 days ago • loading... • Updated 15 hours ago

60,000 Bitcoin Wallets Leaked As LockBit Ransomware Hackers Get Hacked

On April 29th, 2025, the LockBit ransomware group experienced a security incident when their affiliate portals on the dark web were vandalized, resulting in the online exposure of a MySQL database dump.
This breach likely exploited the CVE-2024-4577 vulnerability in PHP 8.1.2 running the server, with defacement messages similar to a recent Everest ransomware hack suggesting a possible link.
The leaked database includes twenty tables with nearly 60,000 unique bitcoin addresses, 4,442 negotiation messages between victims and affiliates, and a users table listing 75 admins with plaintext passwords.
The LockBit operator known as LockBitSupp acknowledged the security breach, assuring that no private keys or victim information were compromised. Meanwhile, the defaced affiliate panels prominently featured a message discouraging criminal activity, signed off with a note referencing Prague.
This incident follows the 2024 Operation Cronos takedown of LockBit's infrastructure and adds to the gang's damaged reputation, though it remains uncertain if this breach will end their operations.

Insights by Ground AI

Does this summary seem wrong?

20 Articles

All

Left

Center

Right

Tech Radar

Center

LockBit ransomware gang gets hacked, leak exposes negotiations with victims

"Don't do crime, crime is bad," someone tells LockBit as they leak sensitive data.

22 hours ago·United Kingdom

Read Full Article

Forbes

Center

60,000 Bitcoin Wallets Leaked As LockBit Ransomware Hackers Get Hacked

Is this the end of the infamous LockBit ransomware gang?

1 day ago·United States

Read Full Article

BleepingComputer

+2 Reposted by 2 other sources

Center

LockBit ransomware gang hacked, victim negotiations exposed

The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump.

2 days ago

Read Full Article

Neue Zürcher Zeitung

Lean Right

How the police brought down the most notorious hacker group: the end of Lockbit

A year ago, investigators smash the blackmail gang Lockbit. Operation Cronos shows the world how to punish hackers in Russia.

2 days ago·Zürich, Switzerland

Read Full Article

IT Security News - cybersecurity, infosecurity news

The LockBit ransomware site was breached, database dump was leaked online

Lockbit ransomware group has been compromised, attackers stole and leaked data contained in the backend infrastructure of their dark web site. Hackers compromised the dark web leak site of the LockBit ransomware gang and defaced it, posting a message and… Read more → The post The LockBit ransomware site was breached, database dump was leaked online appeared first on IT Security News.

15 hours ago

Read Full Article

Cybersecurity Insiders

Ransomware news headlines trending on Google - Cybersecurity Insiders

LockBit Ransomware Gang Becomes Victim of Data Breach The infamous LockBit ransomware group, known for its double extortion tactics and involvement in high-profile cybercriminal activities, has itself fallen victim to a significant data breach. The attack has resulted in the leakage of sensitive data, reportedly sourced from a MySQL database dump, raising questions about the security measures within these underground criminal syndicates. While t…

18 hours ago

Read Full Article

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/year