According to the chat log of the LockBit leak site, the hacker group claims to have stolen a total of 40 TB of data from Continental. Since the requested 50 million dollars were probably not paid, there is now a file list of more than 400 MB for free download on the Darknet.
LockBit probably wants to make the stolen Continental data palatable to buyers. Therefore, the group offers a packed file list on its website that is over 400 MB in size. It probably contains an overview of all files, their names and the names of the project directories. Continental was initially asked for $50 million, which was probably not paid.
Didn't pay $50 million
🔎 A chat log on the LockBit leak page shows the demand for Continental data. The authenticity is open (image: B2B-CS).
Of course, it cannot be confirmed whether the data offered is genuine or not. But at least the chat log available on the site. The hacker threatened to publish the data in the chat and urged the ransom to be paid. The counterpart asks for the data and even explicitly for data from certain directories as proof that LockBit has the data.
Finally, the message to the hackers can be found that you first have to wait for a management meeting and then get in touch again ("Hello, we have to hold a management meeting and will come back to you tomorrow end of business day"). That was also the last message from the supposed spokesman for Continental. Because it is not clear who answered the hackers in the chat or asked the questions. The only strange thing is the request for explicit files in the subdirectories with full paths specified.
Screenshots and file list as evidence
🔎 LockBit leak page: A file list of the Continental data is said to be in a packed file over 400 MB in size (Image: B2B-CS).
As proof that they have the data, the hackers show 4 screenshots that are said to be from the data collection; It's probably about car equipment. Although the note “Confidential” can be found on some screens, it cannot be said whether the data is genuine. Furthermore, the file list is offered in a packed ZIP file with a size of more than 430 MB.
Parallel to the Continental attack, LockBit also claims to have published data from the weapons manufacturer Thales. Almost 10 GB of data can be found in a packed file for free download. But again, it's not clear if this is real data.