Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Ransomware Group Threatens to Leak Data Stolen From Car Parts Giant Continental

The notorious LockBit ransomware group is threatening to publish files allegedly stolen from German car parts giant Continental.

On its Tor-based leak website, the group says all files — the exact quantity of data or its type is not being specified — will be published on November 4, three hours after the publication of this article.

The notorious LockBit ransomware group is threatening to publish files allegedly stolen from German car parts giant Continental.

On its Tor-based leak website, the group says all files — the exact quantity of data or its type is not being specified — will be published on November 4, three hours after the publication of this article.

Continental did say in August that it had been targeted in a cyberattack, with hackers infiltrating some of its IT systems.

“The company detected the attack in early August and then averted it. Continental’s business activities have not been affected at any point. The technology company maintains full control over its IT systems,” Continental said at the time.

The company has not shared any additional information about the attack, but it did suggest at the time that some data may have been stolen.

LockBit ransomware attack on Continental

In addition to files, the LockBit ransomware group appears to be threatening to make public the chat logs of conversations between the cybercriminals and the automotive giant. If the attack disclosed by Continental in August was conducted by LockBit, it’s possible that the company has been trying to negotiate with the hackers until now.

SecurityWeek has reached out to Continental for clarifications and will update this article if additional information is provided by the company.

“Over the last year we have seen a dramatic rise in the number of attacks caused by the LockBit ransomware group, with Continental the latest victim to have their data threatened to be published,” said Raj Samani, SVP chief scientist at Rapid7. “Our research shows that LockBit’s market share in ransomware attacks per group has increased from 1% in 2020 to 4% in 2021, and this will only grow if they are allowed to continue stealing sensitive data and selling it on for profit.”

Advertisement. Scroll to continue reading.

Darren Williams, CEO of ransomware specialist Blackfog, commented, “Companies within the automotive sector are typically large, complex organizations with valuable assets under management, so it comes as no surprise that ransomware groups are targeting them. What is surprising is that multinational organizations are still relying on technologies that are not up to the job of preventing ransomware.”

Williams added, “The recent attack on UK auto dealer Pendragon, which had a record breaking ransom demand of £54 million, clearly demonstrates how lucrative this sector could be for cybercriminals. Worryingly, the trend for targeting this industry will continue unless investment is made in newer technology designed to prevent modern threats.”

Related: LockBit Ransomware Site Hit by DDoS Attack as Hackers Start Leaking Entrust Data

Related: LockBit 3.0 Ransomware Emerges With Bug Bounty Program

Related: LockBit Ransomware Abuses Windows Defender for Payload Loading

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Ransomware

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.