March 15, 2023

The Lockbit ransomware group claimed to have successfully hacked Maximum Industries, a company that manufactures parts for SpaceX, and obtained 3,000 confidential designs created by engineers at the rocket company.

LockBit’s initial methods of attack include social engineering tactics like phishing, spear phishing, and business email compromise (BEC), exploiting publicly accessible applications, utilizing “initial access brokers” (IABs), and gaining unauthorized access to legitimate accounts using stolen login credentials like remote desktop protocol (RDP). In addition, the group employs brute-force cracking techniques.

LockBit has typically targeted government entities and businesses in a variety of industries, including healthcare, finance, and industrial goods and services. The ransomware has been observed targeting countries all over the world, including the United States, China, India, Indonesia, Ukraine, France, the United Kingdom, and Germany.

It’s no surprise that it is going around mocking the SpaceX supremo, and threatening to leak or sell on the blueprints from March 20 if the gang’s demands to pay up aren’t met. As well as targeting Royal Mail in the U.K.

“I would say we were lucky if SpaceX contractors were more talkative. But I think this material will find its buyer as soon as possible,” Lockbit posted on its dark-web homepage. “Elon Musk, we will help you sell your drawing to other manufacturers — build the ship faster and fly away,” the gang continued. It also claimed that the 3,000 drawings had been “certified” by SpaceX engineers, but we can’t confirm whether anyone outside of the ransomware gang has confirmed the purloined dataset is what it claims to be.

The sources for this piece include articles in TheHackerNews and TheRegister.