Continental, a German multinational automotive parts manufacturing company, was hacked by the LockBit ransomware gang.
The gang has also posted the company’s name on its Tor Leak page, threatening to release allegedly stolen data if the victim does not pay the ransom, but does not yet provide information about what data it stole from the Continental network or when the breach occurred.
Kathryn Blackwell, Vice President of Communications and Marketing at Continental, did not confirm LockBit’s claims, but referred instead to an August 24 press release about a cyberattack that resulted in a breach of Continental’s systems. It is not known, however, whether the Lockbit 3.0 ransomware group is responsible for the attack uncovered by Continental on August 24, 2022.
“In a cyberattack, attackers infiltrated parts of Continental’s IT systems. The company detected the attack in early August and then averted it. Continental’s business activities have not been affected at any point. The technology company maintains full control over its IT systems. According to current information, the IT systems of third parties have not been affected.” reads the statement published by the company in August. “Immediately after the attack was discovered, Continental took all necessary defensive measures to restore the full integrity of its IT systems.”
Lockbit has previously been named by Israeli cyber intelligence agency KELA as one of the most prolific actors for ransomware and data leaks in the third quarter, alongside Black Basta, Hive, Alphv alias BlackCat and BianLian.
It was said to have an updated data leak blog, a bug bounty program, and new ransomware features. It also prefers low-key attacks and avoids making headlines. TTPs and software used by the gang are constantly evolving and adapting. LockBit also employs StealBit, a proprietary information stealer that quickly clones files from the victim’s network into LockBit-controlled infrastructure.
The sources for this piece include an article in BleepingComputer.