The LockBit ransomware gang revealed knowledge stolen from Boeing, one of many largest aerospace firms that providers business airplanes and protection programs.
Earlier than the leak, LockBit hackers mentioned that Boeing ignored warnings that knowledge would turn into publicly accessible and threatened to publish a pattern of about 4GB of the newest information.
Backup knowledge revealed
LockBit ransomware has leaked greater than 43GB of information from Boeing after the corporate refused to pay a ransom.
Many of the knowledge listed on the hacker group’s leak web site are backups for varied programs, the newest of them with an October 22 timestamp.
The ransomware actor posted Boeing on their web site on October 27 and gave the corporate a November 2nd deadline to contact them and have interaction in negotiations.
The hackers mentioned on the time that they had stolen “an incredible quantity of delicate knowledge” and have been able to publish it.
supply: BleepingComputer
Boeing disappeared from LockBit’s listing of victims for a interval however was listed once more on November 7, when the hackers introduced that their warnings had been ignored.
When the corporate continued to be silent, the LockBit ransomware gang determined to point out that that they had a bargaining chip and threatened to publish “simply round 4GB of pattern knowledge (most up-to-date).”
The hackers additionally threatened that they might publish the databases “if we don’t see a optimistic cooperation from Boeing.”
supply: FalconFeed
On November 10, LockBit launched on their web site all the info that they had from Boeing. Among the many information are configuration backups for IT administration software program, and logs for monitoring and auditing instruments.
Backups from Citrix home equipment are additionally listed, which sparked hypothesis about LockBit ransomware utilizing the not too long ago disclosed Citrix Bleed vulnerability (CVE-2023-4966), for which proof-of-concept exploit code was revealed on October 24.
Whereas Boeing confirmed the cyberattack, the corporate didn’t present any particulars in regards to the incident or how the hackers breached its community.
LockBit is without doubt one of the most resilient ransomware-as-a-service (RaaS) operations, having been energetic for greater than 4 years and making 1000’s of victims throughout varied sectors.
Among the many victims are Continental automotive large, the UK Royal Mail, the Italian Inside Income Service, and the Metropolis of Oakland.
The U.S. authorities mentioned in June that the gang extorted about $91 million since 2020 in near 1,700 assaults in opposition to varied organizations within the nation.
Nonetheless, the gang operates internationally. In August, the Spanish Nationwide Police warned of a phishing marketing campaign that focused structure corporations within the nation to encrypt programs with LockBit’s locker malware.
