The LockBit ransomware group published data stolen from Boeing, one of the largest aerospace companies that maintains commercial aircraft and defense systems. Before the leak, LockBit hackers said Boeing ignored warnings that the data would be made public and threatened to release a sample of the latest files, approximately 4 GB in size.

LockBit ransomware leaked more than 43GB of files from Boeing after the company refused to pay the ransom. Most of the data listed on the hacking group’s leak site are backups of various systems, with the most recent dated October 22. The ransomware actor posted Boeing on his website on October 27, giving the company until November 2 to contact them and begin negotiations.

At the time, hackers stated that they had stolen “a huge amount of sensitive data” and were ready to make it public.

Boeing disappeared from the list of LockBit victims for a while, but was included again on November 7, when hackers announced that their warnings were ignored. While the company continued to remain silent, the LockBit ransomware gang decided to show that they had a viewfinder and threatened to release “only about 4GB of (new) sample data.”

The hackers also threatened to release the databases “unless we receive positive cooperation from Boeing.”

On November 10, LockBit published all the data it obtained from Boeing on its website. Files include configuration backups for IT management software and logs for monitoring and auditing tools.

Backups from Citrix devices are also listed; This leads to speculation that LockBit ransomware exploits the recently disclosed Citrix Bleed vulnerability (CVE-2023-4966), and the exploit verification code was released on October 24th. While Boeing confirmed the cyberattack, the company did not provide any details about the incident or how hackers breached its network.

Lock Bit It is one of the most persistent Ransomware as a Service (RaaS), operating for over four years and with thousands of alleged victims across various industries.

Victims include car giant Continental, Britain’s Royal Mail, Italian tax authorities and Auckland City Council. In June, the US government announced that the gang had defrauded approximately $91 million in approximately 1,700 attacks on various organizations in the country since 2020.

However, the gang operates internationally. In August, Spain’s national police warned of a phishing campaign targeting architecture firms in the country to encrypt systems using the LockBit malware. Source