The threat actors responsible for the LockBit ransomware operation have resurfaced on the dark web, using new infrastructure, just days after an international law enforcement exercise seized control of its servers.
To that end, the notorious group has relocated its data leak portal to a new.onion address on the TOR network, with 12 new victims as of this writing. In a lengthy follow-up message, the administrator behind LockBit stated that some of their websites were confiscated by most likely exploiting a critical PHP flaw identified as CVE-2023-3824, and that they did not update PHP due to “personal negligence and irresponsibility.”
The group went on to state that the affiliates’ nicknames have “nothing to do with their real nicknames on forums and even nicknames in messengers.”
Read More: LockBit Ransomware Group Resurfaces After Law Enforcement Takedown
Check Out The New ITsecuritywire Podcast. For more such updates follow us on Google News ITsecuritywire News.