The LockBit ransomware gang printed information stolen from Boeing, one of many largest aerospace firms that providers industrial airplanes and protection techniques.
Earlier than the leak, LockBit hackers stated that Boeing ignored warnings that information would change into publicly accessible and threatened to publish a pattern of about 4GB of the newest recordsdata.
Backup information printed
LockBit ransomware has leaked greater than 43GB of recordsdata from Boeing after the corporate refused to pay a ransom.
A lot of the information listed on the hacker group’s leak website are backups for numerous techniques, the newest of them with an October 22 timestamp.
The ransomware actor posted Boeing on their website on October 27 and gave the corporate a November 2nd deadline to contact them and interact in negotiations.
The hackers stated on the time that they had stolen “an incredible quantity of delicate information” and had been able to publish it.
supply: BleepingComputer
Boeing disappeared from LockBit’s checklist of victims for a interval however was listed once more on November 7, when the hackers introduced that their warnings had been ignored.
When the corporate continued to be silent, the LockBit ransomware gang determined to indicate that that they had a bargaining chip and threatened to publish “simply round 4GB of pattern information (most up-to-date).”
The hackers additionally threatened that they’d publish the databases “if we don’t see a optimistic cooperation from Boeing.”
supply: FalconFeed
On November 10, LockBit launched on their website all the info that they had from Boeing. Among the many recordsdata are configuration backups for IT administration software program, and logs for monitoring and auditing instruments.
Backups from Citrix home equipment are additionally listed, which sparked hypothesis about LockBit ransomware utilizing the just lately disclosed Citrix Bleed vulnerability (CVE-2023-4966), for which proof-of-concept exploit code was printed on October 24.
Whereas Boeing confirmed the cyberattack, the corporate didn’t present any particulars in regards to the incident or how the hackers breached its community.
LockBit is likely one of the most resilient ransomware-as-a-service (RaaS) operations, having been energetic for greater than 4 years and making hundreds of victims throughout numerous sectors.
Among the many victims are Continental automotive big, the UK Royal Mail, the Italian Inside Income Service, and the Metropolis of Oakland.
The U.S. authorities stated in June that the gang extorted about $91 million since 2020 in near 1,700 assaults towards numerous organizations within the nation.
Nonetheless, the gang operates internationally. In August, the Spanish Nationwide Police warned of a phishing marketing campaign that focused structure corporations within the nation to encrypt techniques with LockBit’s locker malware.
