The notorious LockBit ransomware group has allegedly resurfaced, announcing the launch of “LockBit 5.0” to mark what it claims is the sixth anniversary of its operation. The announcement, made on the prominent RAMP cybercrime forum, comes months after a significant international law enforcement takedown, “Operation Cronos,” disrupted its infrastructure. The group claims its new affiliate panel and encryptors have been rewritten from scratch, and no analogues exist. In a departure from its previous model, access to this new platform is not free; prospective affiliates are now allegedly required to pay a $500 fee in cryptocurrency to register.
In a bold attempt to re-establish its position, the group is also engaging in aggressive community outreach. The LockBit operator has initiated efforts to be unbanned from the influential XSS forum, where a community poll was launched to decide on their reinstatement. The reported conditions include sponsoring a writing competition valued between $20,000 and $30,000.
Concurrently, the group has responded positively to a public proposal from a representative of the DragonForce ransomware group to form a “cartel” or “coalition” with other major players like Qilin. The proposed alliance aims to establish common rules, avoid public disputes, and collectively “dictate conditions to the market,” signaling a potential move towards greater collaboration among top-tier ransomware gangs.
Despite the confident proclamations, significant skepticism surrounds this alleged comeback. Cybersecurity experts are weighing three primary scenarios: a genuine resurrection by a core remnant of the original team; a sophisticated honeypot operation by law enforcement; or an opportunistic rebranding by an unrelated threat actor. Trust within the criminal underground also appears fractured, with some forum members publicly accusing the LockBit operator of having scammed an affiliate out of tens of thousands of dollars in the past. At present, the new LockBit 5.0 has no public data leak site, and its technical capabilities remain unverified, leaving the cybersecurity community to closely monitor if this marks a true resurgence or a final, deceptive chapter.
![Chess[.]com Announces Data Breach Via Third-Party App](https://dailydarkweb.net/wp-content/uploads/2025/09/chess-75x75.webp)
