LockBit ransomware gang claims to have stolen data from PayBito crypto exchange

LockBit ransomware gang claims to have stolen customers’ data from the PayBito crypto exchange.

PayBito is a bitcoin and cryptocurrency exchange for major cryptocurrencies including Bitcoin Cash, Bitcoin, Ethereum, HCX, Litecoin, Ethereum Classic. The exchange is operated by global blockchain and IT services company HashCash.

LockBit ransomware operators claim to have stolen customers’ data from the PayBito crypto exchange, the name of the company was published on the gang’s Tor leak site.

“CryptoExchange of “HashCashConsultant” company, > 100k Users in DB. Customers from USA/WorldWide personal data, mail/hash, weak hash algorithm. Admins personal data, admin emails and hashes. If you want buy it – contact us with TOX.” reads the announcement published on the leak site.

Lockbit ransomware operators claim to have stolen a database containing personal data belonging to more than 100,000 customers worldwide.

The group also claims to have stolen email and password hashes that can be easily decrypted due to the use of a “weak hash algorithm.” The group also stole the admin’s personal data.

Stolen data will be published on February 21st, 2022 if the company will not pay the ransom.

The LockBit ransomware gang has been active since September 2019, in June 2021 the group announced the LockBit 2.0 RaaS. Like other ransomware gangs, Lockbit 2.0 determines the system and
user language settings and only targets those not matching a set list of languages that are
Eastern European.

After ransomware ads were banned on hacking forum, the LockBit operators set up their own leak site promoting the latest variant and advertising the LockBit 2.0 affiliate program.

This week, the FBI released a flash alert containing technical details associated with the LockBit ransomware operation.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, PayBito)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.