LockBit Ransomware Gang claimed on Tuesday to have stolen data from French technology company Thales. According to sources, it threatened to release the information. Thales said that the extortion gang had informed that it would release the data on November 7.
An official statement from the company noted that it had launched an investigation and is working with the national cyber security agency about the incident, though the ransomware gang has not provided any proof of stolen data.
“We are aware of an allegation of a Lockbit 3.0 attack targeting data potentially pertaining to the Thales Group. A dedicated team of security experts from Thales CERT are currently investigating the situation as the security of our data remains a key priority,” noted the statement.
It added, “Thales CPL will continue to support CERT in their investigations and post any relevant information for customers of our products to this page as additional details are made available. As of today, we have not received any direct ransom notification, however, we are taking this allegation seriously.”
Earlier this year, a hospital in south-eastern Paris was crippled by a cyberattack claimed by LockBit as well.
Incidentally, Thales had earlier warned about the increasing vulnerability of companies to cyberattacks due to the rise in the number of people working from home. It quoted a report released by the FBI in 2021, which indicated that the increase in cybercrime is attributed to the increasing number of employees working from home. According to the FBI, the rising trend of cyber attacks was attributed to the lockdowns triggered by the Covid-19 pandemic and the lack of proper security measures for mobile devices and private computers.
LockBit eats its tail
Earlier, due to an alleged internal conflict within the group, the developers were noted sharing LockBit builder publicly; the new version was touted to be called LockBit Black. The latest version was reportedly very promising for the hackers as it would supposedly make ransomware great again.
Despite the hype, one of the developers refused to participate in the development of the new ransomware and posted the details about it online. According to the sources, the latest version of LockBit Black included various new features and extortion methods.
It was eventually disclosed that an aggrieved developer from LockBit was behind the leak of the ransomware builder. According to sources, the developer was upset with the “LockBit leadership and leaked the builder in retaliation against the operation.”
Prior to that, the notorious ransomware gang’s data leak website was compromised allegedly by the cybersecurity company “Entrust”. Entrust had fallen victim to an attack initiated by the LockBit hacker collective in June 2022.
Sources state that the DDoS attack against LockBit was in retaliation to the hacker group’s recent invasion of the cybersecurity company. However, Entrust did not publicly disclose the actual name of the perpetrator behind the attack.
