Fraud Management & Cybercrime , Ransomware

LockBit Claims Attack on German Auto Parts Giant Continental

Company Acknowledged an Attack in August, Silent Since on Hackers
LockBit Claims Attack on German Auto Parts Giant Continental

Ransomware group LockBit is claiming responsibility for an attack on German auto parts maker Continental as it threatens to leak company data.

See Also: Every Second Counts: 6-Step Ransomware Remediation Guide

The group added Continental - a 33.8 billion euro maker of tires, brake systems and internal electronics - to its leak site Thursday, giving the company a Friday deadline to respond to its extortion demand.

The Hanover-based multinational acknowledged in August experiencing a cyber incident but said it repelled hackers. The "company maintains full control over its IT systems," it said.

Continental has not since provided an update and did not provide additional information when contacted.

LockBit has emerged as the premier post-Conti ransomware-as-a-service group, or at least its constant self-promotion encourages people to think so (see: Keys to LockBit's Success: Self-Promotion, Technical Acumen). Based on leak site monitoring, Malwarebytes consistently places LockBit at the top of its list of most-active ransomware groups. Leak sites have well known biases for determining ransomware activity but are a source of data in a landscape otherwise bereft of it.

The group earned a wave of media coverage when in June it announced a bug bounty program. The group in September said in September it made a $50,000 payment.

In June, it released version 3.0 of its ransomware. Its builder was leaked, possibly by a former LockBit developer. The builder appears to offer "a high level of customization," Malwarebytes wrote, noting that hackers doing the dirty work of getting LockBit onto victim computers "can choose their own C2 server, choose the processes they want to terminate, modify the ransom note, and so on."

About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.