US EditionLockBit Ransomware Group Gets Hacked, Extortion Tactics Exposed
- The LockBit ransomware group suffered a major security breach on May 7, 2025, when its dark web panels and infrastructure were hacked and defaced with a taunt referencing Prague.
- The breach followed a background of ongoing law enforcement actions and LockBit's recent efforts to rebuild its infrastructure after 2024 international arrests weakened the group.
- Hackers leaked internal data including about 60,000 Bitcoin addresses, negotiation messages, affiliate communications, and technical tools, exposing operational and security flaws.
- LockBit stated only a management panel was compromised while core tools like decryptors and source code remained secure, and a public message said, "Don’t do crime CRIME IS BAD xoxo from Prague."
- This breach critically undermined LockBit's reputation and disrupted its operations, leading affiliates to shift their activities and prompting the group to offer rewards for tips that could identify the attacker, indicating heightened risks for future ransomware campaigns.
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.22 Articles
22 Articles
Lockbit Ransomware Group Has Been Hacked
Penka Hristovska Published on: May 9, 2025 Senior Editor The cybercriminals behind the ransom-extortion group Lockbit seem to have fallen victim to a breach of their own. The hack came to light on May 7, when all of Lockbit’s dark web affiliate panels, used to coordinate cyberattacks, were defaced with the message: “Don’t do crime. CRIME IS BAD xoxo from Prague.” The defacement also included a link to download a file titled paneldb_dump.zip, con…
GNT is the French Hi-Tech portal dedicated to new technologies (internet, software, hardware, mobility, business) and PC and console video games.
LockBit Ransomware Group Gets Hacked, Extortion Tactics Exposed
LockBit, the notorious ransomware group, reportedly suffered a massive data breach on Wednesday. As per the report, the group’s dark web platform’s admin and affiliate panels were compromised to show a message and link to a MySQL database dump. The database reportedly contains 20 tables that include sensitive information around the cybercriminal group’s affiliate network, extortion tactics, details around malware builds, as well as nearly 60,000…
LockBit hacked: What does the leaked data show? - Help Net Security
The affiliate panel of the infamous LockBit Ransomware-as-a-Service (RaaS) group has been hacked and defaced, showing a link to a MySQL database dump ostensibly containing leaked data relating to the group’s operations: The defaced dark web affiliate panel (Source: Help Net Security) The breach has been confirmed by LockBitSupp – the creator, developer and administator of the LockBit ransomware group – who downplayed the attack by saying that de…
Dark News is a weekly summary of cybersecurity, privacy, and hacking news.Themes are produced and selected by Juan Brodersen according to these editing criteria.Subscribe now2>9may-TL;DRAfter several weeks of flying low on media radar, ransomware returned to the center of the news: the biggest issue of the week was LockBit's hack, perhaps one of the biggest cybercriminal groups on the scene.Although the group was hurt after the interruption of i…
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
To view factuality data please Upgrade to Premium
