Lockbit勒索软件黑客攻击，内部数据在线泄漏

据报道，最臭名昭著的勒索软件组之一已被黑客入侵，其内部数据在线泄漏。约翰·多伊（John Doe）。 2023年4月18日更新。

One of the most notorious ransomware groups, LockBit, has reportedly been hacked, with its internal data leaked online.

据报道，最臭名昭著的勒索软件组之一已被黑客入侵，其内部数据在线泄漏。

According to the blockchain security firm SlowMist, a hacker, presumed to be from Prague, exposed more than 60,000 Bitcoin addresses, along with 75 user credentials and ransom negotiation logs.

根据区块链安全公司Slowmist的说法，一名被认为来自布拉格的黑客，揭露了60,000多个比特币地址，以及75个用户凭证和赎金和赎金的谈判日志。

The breach also revealed access to a PHP-based management platform used by LockBit. According to SlowMist analysts, the hacker took advantage of a vulnerability in PHP to seize control of LockBit’s management system. This enabled them to obtain sensitive information, thus raising concerns regarding the group’s security measures.

违规行为还揭示了对洛克比特（Lockbit）使用的基于PHP的管理平台的访问权限。根据Slowmist分析师的说法，黑客利用了PHP中的脆弱性来抓住对Lockbit的管理系统的控制。这使他们能够获得敏感信息，从而引发了对小组安全措施的担忧。

LockBit acknowledged the severity of the attack, but downplayed its impact. In an official statement, the platform admitted the breach and confirmed that no decryptors were lost and the critical company data was not affected. Nevertheless, the platform admitted that the breach would damage the forum’s reputation.

洛克比特承认袭击的严重性，但淡化了其影响。该平台在一份官方声明中承认违规行为，并确认没有解密者丢失，关键公司数据也没有影响。尽管如此，该平台承认违规行为会损害论坛的声誉。

Moreover, the group stated that their source code was still safe even after the incident, and reported that recovery efforts were already in process. In an unprecedented step, the group even posted a bounty to identify the hacker, despite the U.S. government previously offering up to $15 million for information about LockBit operatives.

此外，该小组表示，即使在事件发生后，他们的源代码仍然安全，并报告说恢复工作已经在进行中。在前所未有的一步中，该组织甚至发布了一个赏金来确定黑客，尽管美国政府此前曾提供高达1500万美元的有关Lockbit操作员的信息。

This attack highlights the vulnerabilities of even the most recognized cybercriminal organizations. Although ransomware gangs are infamous for their abilities in cybersecurity, this event demonstrates that a system can be incapable of resisting hacks.

这次攻击突出了即使是最知名的网络犯罪组织的脆弱性。尽管勒索软件团伙因其网络安全的能力而臭名昭著，但此事件表明系统无法抵抗黑客攻击。

As the investigations continue, it is unclear to what extent this incident will impact LockBit’s operations. The leakage can set back the group’s current activities, but the chances of its complete recovery remain uncertain.

随着调查的继续，目前尚不清楚这一事件在多大程度上会影响洛克比特的行动。泄漏可以恢复小组的当前活动，但其完全恢复的机会仍然不确定。

With law enforcement agencies keeping a close watch on the situation, the future of LockBit as a premier ransomware group now hangs in the balance.

随着执法机构对这种情况进行密切关注，洛克比特（Lockbit）作为总理勒索软件集团的未来现在就处于平衡状态。