Hack Group LockBit Announced the Hacking of the Information Security Company Entrust
Ransomware group LockBit has claimed responsibility for the June hack of cybersecurity firm Entrust. Hackers have already begun to publish data stolen from the company on their “leak site”.
Let me remind you that we also wrote that Grouping LockBit Announced the Hacking of the Information Security Company Mandiant, and also that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.
The Entrust hack became known back in June 2022. Then Bleeping Computer reported that the company suffered from te ransomware attack, during which data was stolen from its systems. Representatives of Entrust confirmed to reporters the fact of hacking, but did not provide any details of the incident, referring to the ongoing investigation.
At the same time, the head of AdvIntel, Vitaly Kremez, told reporters that, according to his information, Entrust was the victim of a well-known hack group that bought access to the corporate network from a certain access seller.
As information security expert Dominic Alvieri has now noted, the site that the LockBit hack group uses to leak data has a section dedicated to Entrust. The attackers said they were going to publish there all the data stolen from the company. Usually, such actions mean that the victim company has refused to negotiate with the extortionists or comply with their demands.
Since the attackers have already begun publishing the data, Alvieri was able to study it, and says that the dump mainly consists of accounting and legal documents, as well as marketing tables.
The company did not comment on the statements of the hackers and the publication of the stolen data.
It should be noted that the Tor site of the hackers went down shortly after the release of the data, and the group reported that they had been affected by the DDoS attack due to the Entrust breach. The fact is that DDoS is accompanied by messages: “DELETE_ENTRUSTCOM_MOTHERFUCKERS”.