Almost 60,000 Bitcoin addresses tied to LockBit’s ransomware infrastructure have been leaked after hackers breached the group’s dark web affiliate panel
The leak included a MySQL database dump shared publicly online. It contains crypto-related information that could help blockchain analysts trace the group’s illicit financial flows.
Ransomware is a type of malware used by malicious actors. It locks its target’s files or computer systems, making them inaccessible. The attackers typically demand a ransom payment, often in digital assets like Bitcoin (BTC), in exchange for a decryption key to unlock the files.
LockBit is one of the most notorious crypto ransomware groups. In February 2024, 10 countries launched a joint operation to disrupt the group, saying that the organization caused billions in damages to key infrastructure
![]()
Source: ReyXBF## No Bitcoin private keys leaked
While almost 60,000 Bitcoin wallets were leaked, no private keys were leaked. One X user shared a conversation with a LockBit operator, confirming the breach. However, the LockBit personnel said no private keys or data were lost
Despite this, analysts at Bleeping Computer said the database contained twenty tables, including a “builds” table. This contains individual ransomware builds created by the organization’s affiliates. The data also included some of the target companies for the builds
In addition, the leaked database also included a “chats” table. This table contained over 4,400 negotiation messages between victims and the ransomware organization
Related: Crypto crime in 2024 likely exceeded $51B, far higher than reported: Chainalysis
LockBit hack tied to Everest ransomware breach
It’s unclear who was behind the breach and how they got into LockBit’s operations, but Bleeping Computer analysts said the message used in the Everest ransomware site breach matches the one used in LockBit. The analysts suggested that there may be a link between the two incidents
The breach highlights the role that crypto plays in the ransomware economy. Each victim is usually assigned an address to pay their ransom, allowing the affiliates to monitor payments while attempting to obscure ties to their main wallets
The exposure of the addresses allows law enforcement and blockchain investigators to track patterns and potentially link past ransom payments to known wallets
Magazine: Adam Back says Bitcoin price cycle ’10x bigger’ but will still decisively break above $100K
- #Bitcoin
- #Blockchain
- #Cryptocurrencies
- #Fraud
- #Hackers
- #Cybercrime
- #Cybersecurity
- #Hacks
Add reaction
![]()
Застереження: Інформація на цій сторінці може походити від третіх осіб і не відображає погляди або думки Gate. Вміст, що відображається на цій сторінці, є лише довідковим і не є фінансовою, інвестиційною або юридичною порадою. Gate не гарантує точність або повноту інформації і не несе відповідальності за будь-які збитки, що виникли в результаті використання цієї інформації. Інвестиції у віртуальні активи пов'язані з високим ризиком і піддаються значній ціновій волатильності. Ви можете втратити весь вкладений капітал. Будь ласка, повністю усвідомлюйте відповідні ризики та приймайте обережні рішення, виходячи з вашого фінансового становища та толерантності до ризику. Для отримання детальної інформації, будь ласка, зверніться до
Застереження.
