Lockbit claims it hacked SpaceX

March 15, 2023

The Lockbit ransomware group claimed to have successfully hacked Maximum Industries, a company that manufactures parts for SpaceX, and obtained 3,000 confidential designs created by engineers at the rocket company.

LockBit’s initial methods of attack include social engineering tactics like phishing, spear phishing, and business email compromise (BEC), exploiting publicly accessible applications, utilizing “initial access brokers” (IABs), and gaining unauthorized access to legitimate accounts using stolen login credentials like remote desktop protocol (RDP). In addition, the group employs brute-force cracking techniques.

LockBit has typically targeted government entities and businesses in a variety of industries, including healthcare, finance, and industrial goods and services. The ransomware has been observed targeting countries all over the world, including the United States, China, India, Indonesia, Ukraine, France, the United Kingdom, and Germany.

It’s no surprise that it is going around mocking the SpaceX supremo, and threatening to leak or sell on the blueprints from March 20 if the gang’s demands to pay up aren’t met. As well as targeting Royal Mail in the U.K.

“I would say we were lucky if SpaceX contractors were more talkative. But I think this material will find its buyer as soon as possible,” Lockbit posted on its dark-web homepage. “Elon Musk, we will help you sell your drawing to other manufacturers — build the ship faster and fly away,” the gang continued. It also claimed that the 3,000 drawings had been “certified” by SpaceX engineers, but we can’t confirm whether anyone outside of the ransomware gang has confirmed the purloined dataset is what it claims to be.

The sources for this piece include articles in TheHackerNews and TheRegister.

Top Stories

Related Articles

June 9, 2026 Hackers exploited Meta’s AI-powered support chatbot to gain control of Instagram accounts, including several high-profile profiles. Meta more...

June 5, 2026 Security researchers have disclosed a new denial-of-service attack called HTTP/2 Bomb that can overwhelm major web servers more...

May 20, 2026 The Cybersecurity and Infrastructure Security Agency, the arm of the U.S. government tasked with protecting critical infrastructure more...

May 11, 2026 Instructure has restored access to its Canvas learning platform after a cyberattack disrupted service for universities and more...

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn