The LockBit ransomware operators launched a new leak site over the weekend, claiming they restored their infrastructure following a law enforcement takedown and invited affiliates to re-join the operation.
On February 19, LockBit was severely disrupted by law enforcement in North America, Europe, and Asia, which seized 34 servers, took over the group’s Tor-based leak sites, froze cryptocurrency accounts, and harvested technical information on the RaaS.
Authorities also announced that they obtained 1,000 decryption keys that will help victim organizations to recover their data without paying a ransom, and that two individuals suspected of being involved in the operation were arrested.