LockBit, a notorious ransomware gang, has made a comeback just five days after authorities took down 34 servers hosting its operations in Operation Cronos. The gang announced its return on Saturday, moving its data leak site to a new address and listing five victims with countdown timers for publishing stolen information. LockBit admitted to negligence which enabled the breach and confirmed that law enforcement disrupted its activity due to their failure to update servers running PHP.

LockBit acknowledged that the FBI breached two main servers, citing personal negligence and irresponsibility on their part for not updating PHP promptly. The gang speculates that law enforcement targeted them due to a ransomware attack on Fulton County in January, which threatened to expose sensitive information, including details about Donald Trump's court cases.

Despite the setback, LockBit plans to enhance its security measures by rewarding anyone who finds vulnerabilities, manually releasing decryptors, and hosting the affiliate panel on multiple servers. The gang's message appears to be damage control aimed at rebuilding their tarnished reputation after the recent law enforcement raid. Affiliates are advised to exercise caution and vigilance when dealing with LockBit in light of recent events.