Lockbit勒索軟件黑客攻擊，內部數據在線洩漏

據報導，最臭名昭著的勒索軟件組之一已被黑客入侵，其內部數據在線洩漏。約翰·多伊（John Doe）。 2023年4月18日更新。

One of the most notorious ransomware groups, LockBit, has reportedly been hacked, with its internal data leaked online.

據報導，最臭名昭著的勒索軟件組之一已被黑客入侵，其內部數據在線洩漏。

According to the blockchain security firm SlowMist, a hacker, presumed to be from Prague, exposed more than 60,000 Bitcoin addresses, along with 75 user credentials and ransom negotiation logs.

根據區塊鏈安全公司Slowmist的說法，一名被認為來自布拉格的黑客，揭露了60,000多個比特幣地址，以及75個用戶憑證和贖金和贖金的談判日誌。

The breach also revealed access to a PHP-based management platform used by LockBit. According to SlowMist analysts, the hacker took advantage of a vulnerability in PHP to seize control of LockBit’s management system. This enabled them to obtain sensitive information, thus raising concerns regarding the group’s security measures.

違規行為還揭示了對洛克比特（Lockbit）使用的基於PHP的管理平台的訪問權限。根據Slowmist分析師的說法，黑客利用了PHP中的脆弱性來抓住對Lockbit的管理系統的控制。這使他們能夠獲得敏感信息，從而引發了對小組安全措施的擔憂。

LockBit acknowledged the severity of the attack, but downplayed its impact. In an official statement, the platform admitted the breach and confirmed that no decryptors were lost and the critical company data was not affected. Nevertheless, the platform admitted that the breach would damage the forum’s reputation.

洛克比特承認襲擊的嚴重性，但淡化了其影響。該平台在一份官方聲明中承認違規行為，並確認沒有解密者丟失，關鍵公司數據也沒有影響。儘管如此，該平台承認違規行為會損害論壇的聲譽。

Moreover, the group stated that their source code was still safe even after the incident, and reported that recovery efforts were already in process. In an unprecedented step, the group even posted a bounty to identify the hacker, despite the U.S. government previously offering up to $15 million for information about LockBit operatives.

此外，該小組表示，即使在事件發生後，他們的源代碼仍然安全，並報告說恢復工作已經在進行中。在前所未有的一步中，該組織甚至發布了一個賞金來確定黑客，儘管美國政府此前曾提供高達1500萬美元的有關Lockbit操作員的信息。

This attack highlights the vulnerabilities of even the most recognized cybercriminal organizations. Although ransomware gangs are infamous for their abilities in cybersecurity, this event demonstrates that a system can be incapable of resisting hacks.

這次攻擊突出了即使是最知名的網絡犯罪組織的脆弱性。儘管勒索軟件團伙因其網絡安全的能力而臭名昭著，但此事件表明系統無法抵抗黑客攻擊。

As the investigations continue, it is unclear to what extent this incident will impact LockBit’s operations. The leakage can set back the group’s current activities, but the chances of its complete recovery remain uncertain.

隨著調查的繼續，目前尚不清楚這一事件在多大程度上會影響洛克比特的行動。洩漏可以恢復小組的當前活動，但其完全恢復的機會仍然不確定。

With law enforcement agencies keeping a close watch on the situation, the future of LockBit as a premier ransomware group now hangs in the balance.

隨著執法機構對這種情況進行密切關注，洛克比特（Lockbit）作為總理勒索軟件集團的未來現在就處於平衡狀態。