LockBit ransomware gang claims attack on Continental


The LockBit ransomware gang is claiming responsibility for a cyberattack against the German automotive giant Continental. The deadline to give in to the hackers’ demands has also been set.

The gang is now threatening to leak stolen data if the deadline, set for November 4, 2022, at 15:45:36 UTC, is not met. LockBit has added the name of the German company to its Tor leak site.

The very fact that LockBit mentioned Continental publicly suggests that the victim has been ignoring the gang’s demands or refusing to pay the ransom.

lock-bit-conti
Victim announcement on LockBit's leak site.

It’s not clear what data LockBit has exfiltrated from Continental’s systems or when the actual breach occurred. But Continental posted a press release in August regarding a breach of its servers.

“Attackers infiltrated parts of Continental’s IT systems. The company detected the attack in early August and then averted it. Continental’s business activities have not been affected at any point. The technology company maintains full control over its IT systems,” it said.

“Immediately after the attack was discovered, Continental took all necessary defensive measures to restore the full integrity of its IT systems.”

The company said it was conducting an investigation into the incident, yet has not shared any findings so far.

Continental reported sales of €33.8 billion in 2021. The multinational group employs nearly 200,000 people across 58 countries.

The threat intelligence team at Malwarebytes, the anti-malware vendor, recently announced that LockBit was by far the most prolific ransomware gang in the world, conducting hundreds of confirmed attacks across the globe.

According to Malwarebytes, the LockBit gang, which has been described as a cartel, boasted more confirmed infections – 430 – than its next four closest competitors combined. The pace of attacks is quite steady: around 70 new victims are ambushed each month.

In October, LockBit said it stole 1.4TB of data from UK firm Kingfisher Insurance. The latter’s name was also added to the gang’s leak site. Kingfisher admitted the theft but said it was simply impossible to copy that much data from its servers.

Pundits think LockBit’s success stems from the group’s ability to combine a businesslike approach with specialized technology.

LockBit has also opted for a relatively under-the-radar approach – however, despite that, the gang has lately garnered more unwanted attention, so its days of lurking in the shadows may be numbered.