Who?

Lockbit is one of the largest ransomeware groups in the world, in doing so they (actually the affiliates) hack companies to then get money through ransomware. Ransomware is a type of malware that infects your computer and encrypts all files, after which it asks for a ransom that must then be paid for a decryption key.

What happened?

This group was hacked a few days ago due to a security flaw in the website(s). We are talking about a flaw in PHP, lockbit had used an older version of the software which led to the website being taken over. Lockbit himself has posted a response to this takeover on his new site where he says they did this because they did not want information about https://fultoncountyga.gov/ to be leaked. He further said that the information will still be leaked.

The governments had also changed the website, here you could see that for example all the "leaks" were changed by self-made posts by them. Also the logo was changed by putting a sticker with "seized" on it, and a lot more, all this to “bully” lockbit.

After 4 days, lockbitsupp had already put new sites online so that all the data could be downloaded and viewed again. He also said that it took 4 days because there was incompatible code for the newer versions of PHP and so those parts had to be changed as well.

Outro

What do we learn from this? Always use the latest version of the software, that way you avoid security flaws in your systems and the authorities don't hijack your site.Document Title