SpaceX documents and proprietary designs allegedly leak as ransomware group threatens Elon Musk

Earlier this week, LockBit, a ransomware gang that operates largely on the dark web, posted to its website claiming to have obtained proprietary designs from a SpaceX contractor. Now the gang has shared evidence of the alleged leak, along with a threatening message to Elon Musk.

On March 12, cybersecurity analyst Dominic Alvieri first reported that Maximum Industries, one of SpaceX’s main fabricators for rocket parts, suffered a breach at the hands of the LockBit ransomware gang.

LockBit posted to its website on the dark web that “3,000 drawings” would soon be up for sale, with a message to Musk that stated: “I would say we were lucky if Space-X contractors were more talkative. But I think this material will find its buyer as soon as possible. Elon Musk we will help you sell your drawings to other manufacturers—build the ship faster and fly away.”

Screenshot from LockBit’s website on the dark web.

The gang added that SpaceX has until Monday, March 20, to comply with its demands, no doubt a considerable sum of cash, or it would begin selling the designs to other manufacturers. A situation where LockBit appears to benefit either way. That’s if these designs are of the value the group thinks they are.

Maximum Industries has yet to comment. SpaceX did not respond to our request for comment ahead of publishing this article.

The prolific Russian-linked cybergang first emerged in 2019 under the name “ABCD ransomware.” It has since restructured itself as a “ransomware-as-a-service” operation, where the gang of criminals creates the malware and licenses its code to “affiliates” who carry out the attacks. “LockBit members have made at least $100 million in ransom demands and have extracted tens of millions of dollars in actual ransom payments from their victims,” the Justice Department wrote.

Interestingly enough, despite being a criminal enterprise that lurks on the dark web and deals entirely in cryptocurrency, they appear to have some rules for affiliates claiming: “It is illegal to encrypt files in critical infrastructure, such as nuclear power plants, thermal power plants, hydroelectric power plants, and other similar organizations,” and provides a “helpdesk” if you need assistance. It seems space exploration is fair game though.

Follow Arin: Twitter, Instagram, and LinkedIn

Load more...
Show More Comments