The LockBit ransomware gang revealed information stolen from Boeing, one of many largest aerospace corporations that companies industrial airplanes and protection techniques.
Earlier than the leak, LockBit hackers mentioned that Boeing ignored warnings that information would turn out to be publicly obtainable and threatened to publish a pattern of about 4GB of the latest information.
Backup information revealed
LockBit ransomware has leaked greater than 43GB of information from Boeing after the corporate refused to pay a ransom.
Many of the information listed on the hacker group’s leak website are backups for numerous techniques, the latest of them with an October 22 timestamp.
The ransomware actor posted Boeing on their website on October 27 and gave the corporate a November 2nd deadline to contact them and have interaction in negotiations.
The hackers mentioned on the time they’d stolen “an incredible quantity of delicate information” and have been able to publish it.
supply: BleepingComputer
Boeing disappeared from LockBit’s record of victims for a interval however was listed once more on November 7, when the hackers introduced that their warnings had been ignored.
When the corporate continued to be silent, the LockBit ransomware gang determined to point out that they’d a bargaining chip and threatened to publish “simply round 4GB of pattern information (most up-to-date).”
The hackers additionally threatened that they might publish the databases “if we don’t see a constructive cooperation from Boeing.”
supply: FalconFeed
On November 10, LockBit launched on their website all the information they’d from Boeing. Among the many information are configuration backups for IT administration software program, and logs for monitoring and auditing instruments.
Backups from Citrix home equipment are additionally listed, which sparked hypothesis about LockBit ransomware utilizing the lately disclosed Citrix Bleed vulnerability (CVE-2023-4966), for which proof-of-concept exploit code was revealed on October 24.
Whereas Boeing confirmed the cyberattack, the corporate didn’t present any particulars in regards to the incident or how the hackers breached its community.
LockBit is without doubt one of the most resilient ransomware-as-a-service (RaaS) operations, having been lively for greater than 4 years and making hundreds of victims throughout numerous sectors.
Among the many victims are Continental automotive big, the UK Royal Mail, the Italian Inner Income Service, and the Metropolis of Oakland.
The U.S. authorities mentioned in June that the gang extorted about $91 million since 2020 in near 1,700 assaults towards numerous organizations within the nation.
Nonetheless, the gang operates internationally. In August, the Spanish Nationwide Police warned of a phishing marketing campaign that focused structure corporations within the nation to encrypt techniques with LockBit’s locker malware.