The #FBI and #DCIS disrupted #Danabot. #ESET was one of several companies that cooperated in this effort. https://www.welivesecurity.com/en/eset-research/danabot-analyzing-fallen-empire/
#ESETresearch has been involved in this operation since 2018. Our contribution included providing technical analyses of the malware and its backend infrastructure, as well as identifying Danabot’s C&C servers. Danabot is a #MaaS #infostealer that has also been seen pushing additional malware – even #ransomware, such as #LockBit, #Buran, and #Crisis – to compromised systems.
We have analyzed Danabot campaigns all around the world and found a substantial number of distinct samples of the malware, as well as identified more than 1,000 C&Cs.
This infostealer is frequently promoted on underground forums. The affiliates are offered an administration panel application, a backconnect tool for real-time control of bots, and a proxy server application that relays the communication between the bots and the C&C server.
IoCs are available in our GitHub repo. You can expect updates with more details in the coming days. https://github.com/eset/malware-ioc/tree/master/danabot

LockBit Leak Shows Affiliates Use Pressure Tactics, Rarely Get Paid https://hackread.com/lockbit-leak-affiliates-pressure-tactics-rarely-paid/ #Cybersecurity #CyberAttack #CyberCrime #Ransomware #LockBit #Malware #Ransom #RaaS #Tor

LockBit Leak Shows Affiliates Use Pressure Tactics, Rarely Get Paid – Source:hackread.com https://ciso2ciso.com/lockbit-leak-shows-affiliates-use-pressure-tactics-rarely-get-paid-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #CyberAttack #CyberCrime #Ransomware #Hackread #LockBit #malware #Ransom #RaaS #Tor

The hackers got hacked! In an ironic twist, LockBit, the infamous ransomware-as-a-service gang, was breached. Watch the new episode of Cyberside Chats as @sherridavidoff and @MDurrin share the details and explain what it means for cyber defenders.

We explore what was leaked, why it matters, and how this incident compares to past takedowns like Conti. You'll also get the latest insights into the 2025 ransomware landscape, from victim stats to best practices for defending your organization.

Watch or listen now and get practical takeaways to strengthen your ransomware response playbook.

Watch: https://youtu.be/xr-8GhazgME
Listen: https://www.chatcyberside.com/e/lockbits-own-medicine-when-hackers-get-hacked/?token=914ee622fe9d4797c7a87bfedd0294f0

Weeks after #LockBit ransomware breach, leaked data reveals how affiliates generate ransomware, set ransom demands, and often walk away unpaid.

Read: https://hackread.com/lockbit-leak-affiliates-pressure-tactics-rarely-paid/

LockBit Leak Reveals Details About Ransom Payments, Vulnerabilities and RaaS Operations https://thecyberexpress.com/lockbit-leak-ransomware-revelations/ #LockBitransomwaregroup #TheCyberExpressNews #ThreatIntelligence #LockBitransomware #TheCyberExpress #Vulnerabilities #FirewallDaily #Ransomware #CyberNews #LockBit

Defenced: Gelekte LockBit chats: reputatie is alles, mei 9, 2025 Auteurs: Sam Cantineau & Renee van der Post
#ransomware #LockBit

https://defenced.nl/blog/gelekte-lockbit-chats-reputatie-is-alles/

Latest issue of my curated #cybersecurity and #infosec list of resources for week #19/2025 is out!

It includes the following and much more:

The #Signal clone the Trump admin uses was hacked;

ICE's airline hacked;

The DragonForce #ransomware group claimed responsibility for recent cyberattacks on UK retailers;

NATO hosting the Locked Shields 2025 cyber defense exercise in Estonia;

The #LockBit ransomware gang was hacked!

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end

https://infosec-mashup.santolaria.net/p/infosec-mashup-19-2025

LockBit Ransomware Admin Panel Hacked, Leaks Reveal Inside Details – Source: www.securityweek.com https://ciso2ciso.com/lockbit-ransomware-admin-panel-hacked-leaks-reveal-inside-details-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #securityweekcom #securityweek #ransomware #dataleak #FEATURED #Lockbit #hacked

The reference to the Prague Spring, the 1968 period of political reform in Czechoslovakia crushed by Soviet intervention, is unlikely to be a coincidence. “From Prague” seems to be a symbolic nod to rebellion against authoritarian oppression—recontextualized today as resistance against organized cybercrime.

https://www.suspectfile.com/who-is-behind-from-prague-an-attack-on-lockbit-inspired-by-the-prague-spring/

LockBit Ransomware Gang Hacked, Operations Data Leaked – Source: www.darkreading.com https://ciso2ciso.com/lockbit-ransomware-gang-hacked-operations-data-leaked-source-www-darkreading-com/ #rssfeedpostgeneratorecho #DarkReadingSecurity #CyberSecurityNews #DARKReading #Lockbit

LockBit ransomware gang breached, secrets exposed https://www.tripwire.com/state-of-security/lockbit-ransomware-gang-breached-secrets-exposed #Ransomware #databreach #ransomware #Guestblog #Dataloss #Lockbit