The LockBit gang is restarting its ransomware operation using a new infrastructure shortly after law enforcement breached their servers. They are now indicating a potential increase in attacks targeting the government sector.

The group sent a detailed message in a fake FBI leak to highlight their carelessness that allowed the hack to happen and to outline their future objectives for the operation.

LockBit ransomware persists in carrying out attacks.
LockBit said on Saturday that it was restarting its ransomware operations. They made a statement acknowledging that their “personal negligence and irresponsibility” resulted in law authorities interrupting their activities in Operation Cronos.

The group retained the brand name and relocated its data breach website to a new .onion domain, which displays five victims along with countdown timers for releasing stolen data.