LockBit's seized darknet site resurrected by police, teasing new revelations

The ransomware service LockBit’s darknet extortion site, which had been shuttered earlier this year after being infiltrated by law enforcement, reappeared on Sunday with police teasing fresh information about the criminals involved.

It follows the closure of the site in February, after the United Kingdom’s National Crime Agency (NCA) announced they had hacked the ransomware-as-a-service platform and “gained unprecedented and comprehensive access to LockBit’s systems.”

While the site had previously been used to publish stolen information from the ransomware gang’s victims, under the control of the NCA it was instead used to show off how much information investigators had obtained from the service’s backend.

This information was published under the proviso that what the police were releasing didn’t interfere with ongoing investigations. A week of revelations subsequently appeared on the site, each of them trailered beneath a countdown, including claims that LockBit did not delete data even when it had pledged to victims to do so.

The fruits of some of those investigations are likely to be published on the site soon, with the resurrected darknet page teasing a range of information alongside timers set to 14:00 UTC on Tuesday, May 6.

Leave a Comment