While embattled ransomware gang LockBit 3.0 fights for its survival following Operation Cronos, a coordinated takedown of the syndicate’s web infrastructure by global authorities, the availability of victim data leaked by the gang persists via peer-to-peer (P2P) torrent networks. The wide torrent-based accessibility of these leaked victim files ensures the longevity of LockBit 3.0’s harmful impact.
Resecurity has acquired all torrent files added before and after LockBit 3.0’s March 2nd update to analyze P2P communications related to leaked data and TOR network connections. Each torrent file analyzed contained a link to a server with a hidden service on the TOR network, specifically indicating the sources for download.
