Crypto Scam: LockBit Ransomware Gang Hacked, 60,000 Bitcoin Addresses Exposed
Coinspeaker
Crypto Scam: LockBit Ransomware Gang Hacked, 60,000 Bitcoin Addresses Exposed
LockBit ransomware has fallen victim to a crypto scam that led to the leak of a comprehensive database with sensitive information. The exploit on May 7 exposed about 60,000 Bitcoin BTC $96 611 24h volatility: 2.1% Market cap: $1.92 T Vol. 24h: $29.09 B addresses and marked a significant blow to the notorious ransomware group.
LockBit Tastes Its Own Medicine
LockBit has plagued several crypto firms for the longest term, introducing malicious bugs to their victims’ protocols in epic ransomware attacks. It usually locks its target’s files or computer systems, making them inaccessible for as long as it wishes. After a while, it demands a ransom payment for a decryption key to unlock the files and restore access.
It is worth noting that ransom is often used in crypto scams involving assets like Bitcoin. By leveraging this approach, LockBit ransomware has been responsible for losing a lot of money in cryptocurrencies.
Unfortunately for LockBit, the recent incident gave it a taste of its own medicine. Anyone who tries to visit LockBit’s dark websites is now greeted with a defiant message: “Don’t do crime CRIME IS BAD xoxo from Prague”. This is in addition to a link to download a file named “paneldb_dump.zip” containing a MySQL database dump.
So LockBit just got pwned … xD pic.twitter.com/Jr94BVJ2DM
— Rey (@ReyXBF) May 7, 2025
There was also crypto-related information that could help security firms and blockchain analysts trace the illicit financial flows that LockBit ransomware has recorded. Last year, 10 countries launched a joint operation to curtail their operations, possibly leading to a drop in extortion and ransomware payments.
Any Bitcoin Private Key at Risk?
According to a conversation between an X user and a LockBit operator shared by the former, no Bitcoin private key was jeopardized due to the hack.
However, analysts from Bleeping Computer claimed that the leaked database contained 20 tables. Amongst these tables was a “builds” table that included individual ransomware builds created by the organization’s affiliates.
This table also displays potential companies for the builds. A “chats” table showed more than 4,400 negotiation messages passed between victims and LockBit ransomware.
For now, nothing is known about the perpetrator of the attack or how they achieved the breach. Meanwhile, Bleeping Computer has identified a semblance in the message used in the Everest ransomware site breach and the one used in LockBit. With this information, there are speculations that both incidents may be connected somehow.
Crypto Hack Still on the Rise
A few days ago, TRON DAO’s X account was attacked by a hacker who leveraged unauthorized access to publish a post with a contract address. The hacker also sent Direct Messages (DMs) to several accounts and followed many others on X without authorization. The intent here was likely to scam users.
“TRON DAO will never post contract addresses or send unsolicited DMs. If you received a DM from our account on May 2, please delete it and consider it the work of the attacker,” the protocol clarified.
TRON founder Justin Sun acted immediately, urging cryptocurrency exchange OKX to freeze funds believed to be linked to the exploit. With crypto scams still growing, security experts continue to advise users to exercise utmost caution in social and financial interactions.
Crypto Scam: LockBit Ransomware Gang Hacked, 60,000 Bitcoin Addresses Exposed
Read More
LockBit breach exposes 60,000 Bitcoin addresses, offers bounty for hacker’s identity
Crypto Scam: LockBit Ransomware Gang Hacked, 60,000 Bitcoin Addresses Exposed
Coinspeaker
Crypto Scam: LockBit Ransomware Gang Hacked, 60,000 Bitcoin Addresses Exposed
LockBit ransomware has fallen victim to a crypto scam that led to the leak of a comprehensive database with sensitive information. The exploit on May 7 exposed about 60,000 Bitcoin BTC $96 611 24h volatility: 2.1% Market cap: $1.92 T Vol. 24h: $29.09 B addresses and marked a significant blow to the notorious ransomware group.
LockBit Tastes Its Own Medicine
LockBit has plagued several crypto firms for the longest term, introducing malicious bugs to their victims’ protocols in epic ransomware attacks. It usually locks its target’s files or computer systems, making them inaccessible for as long as it wishes. After a while, it demands a ransom payment for a decryption key to unlock the files and restore access.
It is worth noting that ransom is often used in crypto scams involving assets like Bitcoin. By leveraging this approach, LockBit ransomware has been responsible for losing a lot of money in cryptocurrencies.
Unfortunately for LockBit, the recent incident gave it a taste of its own medicine. Anyone who tries to visit LockBit’s dark websites is now greeted with a defiant message: “Don’t do crime CRIME IS BAD xoxo from Prague”. This is in addition to a link to download a file named “paneldb_dump.zip” containing a MySQL database dump.
So LockBit just got pwned … xD pic.twitter.com/Jr94BVJ2DM
— Rey (@ReyXBF) May 7, 2025
There was also crypto-related information that could help security firms and blockchain analysts trace the illicit financial flows that LockBit ransomware has recorded. Last year, 10 countries launched a joint operation to curtail their operations, possibly leading to a drop in extortion and ransomware payments.
Any Bitcoin Private Key at Risk?
According to a conversation between an X user and a LockBit operator shared by the former, no Bitcoin private key was jeopardized due to the hack.
However, analysts from Bleeping Computer claimed that the leaked database contained 20 tables. Amongst these tables was a “builds” table that included individual ransomware builds created by the organization’s affiliates.
This table also displays potential companies for the builds. A “chats” table showed more than 4,400 negotiation messages passed between victims and LockBit ransomware.
For now, nothing is known about the perpetrator of the attack or how they achieved the breach. Meanwhile, Bleeping Computer has identified a semblance in the message used in the Everest ransomware site breach and the one used in LockBit. With this information, there are speculations that both incidents may be connected somehow.
Crypto Hack Still on the Rise
A few days ago, TRON DAO’s X account was attacked by a hacker who leveraged unauthorized access to publish a post with a contract address. The hacker also sent Direct Messages (DMs) to several accounts and followed many others on X without authorization. The intent here was likely to scam users.
“TRON DAO will never post contract addresses or send unsolicited DMs. If you received a DM from our account on May 2, please delete it and consider it the work of the attacker,” the protocol clarified.
TRON founder Justin Sun acted immediately, urging cryptocurrency exchange OKX to freeze funds believed to be linked to the exploit. With crypto scams still growing, security experts continue to advise users to exercise utmost caution in social and financial interactions.
Crypto Scam: LockBit Ransomware Gang Hacked, 60,000 Bitcoin Addresses Exposed
Read More