Security News > 2021 > September > LockBit Jumps Its Own Countdown, Publishes Bangkok Air Files

After Bangkok Airways disclosed that it had been clobbered by a cyberattack last week, the LockBit 2.0 ransomware gang tossed its own countdown clock in the trash and went ahead and published what it claims are the airline's encrypted files on its leak site.

That's three days earlier than its original countdown clock: In that post, the ransomware-as-a-service gang promised that encrypted files would be published yesterday if the airline didn't pay the ransom.

The news outlet, which has been talking with the gang, reported that before LockBit went after Bangkok Airways on Aug. 23, the group also published encrypted files from another airline: Ethiopian Airlines.

Bangkok Airways announced the breach last week, on Thursday, and LockBit 2.0 started a countdown clock the next day.

In its initial post, the gang claimed to have stolen 103GB worth of compressed files that it would release yesterday, on Tuesday, and that they had a lot more - those +200GB of files it mentioned again in Saturday's post - that they could add to the misery.

Not only did their security provider get drained, thus potentially compromising an untold number of its customers, but it got drained by a group with an increasingly powerful arsenal: According to a report released recently by Trend Micro, attacks in July and August have employed LockBit 2.0 ransomware that feature a souped-up encryption method.

News URL

https://threatpost.com/lockbit-publishes-bangkok-air-files/169101/