{"id":57262,"date":"2022-02-07T12:19:29","date_gmt":"2022-02-07T10:19:29","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=57262"},"modified":"2025-09-04T10:51:03","modified_gmt":"2025-09-04T07:51:03","slug":"lockbit-ransomware-operators-claim-data-theft-from-paybito-affecting-more-than-100000-clients","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/lockbit-ransomware-operators-claim-data-theft-from-paybito-affecting-more-than-100000-clients\/","title":{"rendered":"LockBit ransomware operators claim data theft from PayBito affecting more than 100,000 clients"},"content":{"rendered":"<p>The operators of the LockBit ransomware threaten to release PayBito exchange client data publicly. <a href=\"https:\/\/securityaffairs.co\/wordpress\/127683\/cyber-crime\/lockbit-ransomware-hit-paybito.html\">Security Affairs reports<\/a>.<\/p>\n<p>On a site on the Tor network, hackers said they had managed to steal the trading platform&#8217;s database containing the personal information of more than 100,000 clients.<\/p>\n<p>The database allegedly contains hashes of email addresses and passwords that can be easily decrypted due to the use of a &#8216;weak hashing algorithm&#8217;. The extortionists also claim to have obtained the exchange&#8217;s administrators&#8217; personal data.<\/p>\n<p>If PayBito does not pay the ransom by February 21, 2022, LockBit promises to publish the stolen data on its site.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh4.googleusercontent.com\/n6Gx8hl8tl9LRQsTV6RqhTWhahdb1dGz6quPjomT5MknaAM0Z7TkElTu92fESQ2cKMYGhZaAU_WNi-63U-39KajOrsvaEp-bg3YDwbQ9iBMRGqteZxZB4SNVIwciHWLCBSrlb0DP\" alt=\"LockBit ransomware operators report data theft from PayBito of more than 100,000 clients\"\/><figcaption>Data: Security Affairs.<\/figcaption><\/figure>\n<p>The Bitcoin ransomware <a href=\"https:\/\/u1f987.com\/en\/news\/lockbit-ransomware-operators-published-stolen-data-of-us-residents\">is targeted<\/a> at companies and business users. The activity of the early variant of the ransomware occurred in mid-October 2019.<\/p>\n<p>LockBit spreads through compromising unsecured remote desktop configurations, phishing emails with malicious attachments, botnets, exploits, malvertising, code injection, fake updates and infected installers.<\/p>\n<p>On infecting the victim&#8217;s computer, LockBit deletes shadow copies, disables Windows restore and patching at boot, and clears the operating system logs.<\/p>\n<p>Earlier in January, the LockBit operators posted in the public domain data of users of the UK-based cryptocurrency exchange BTC-Alpha with Ukrainian roots. In a ForkLog interview, representatives of the exchange <a href=\"https:\/\/u1f987.com\/en\/news\/btc-alpha-confirms-partial-leak-of-client-data\">confirmed the leak<\/a>, noting that the database dump only partially contains reliable information about users. The rest of the data, they say, were altered by hackers.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The operators of the LockBit ransomware threaten to release PayBito exchange client data publicly.<\/p>\n","protected":false},"author":1,"featured_media":57263,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1166,1154,1188],"class_list":["post-57262","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-centralized-exchanges-cex","tag-crimes","tag-data-breach"],"aioseo_notices":[],"amp_enabled":true,"views":"19","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/57262","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=57262"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/57262\/revisions"}],"predecessor-version":[{"id":57264,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/57262\/revisions\/57264"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/57263"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=57262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=57262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=57262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}