A couple of days ago, LockBit had published an entry on their leaksite titled "telekom.com". I asked the Telekom press corps and they denied any incident.
Yesterday, LB also published the data allegedy from Telekom. I had a look at the files. So far, it seems that nothing in the 1.2GByte directory on their file share has anything to do with Deutsche Telekom. It seems that in fact, they breached a client PC owned by a non-profit in Hamburg.
#lockbit #threatintel
Dr. Christopher Kunz /
npub1f2…2wq5p
2024-05-23 08:54:57
Author Public Key
npub1f2amg3g8eahf043rnnle5qdqpmj0t9e4j44cvvf4tlapnfckumrq42wq5pSeen on
wss://relay.mostr.pubPublished at
2024-05-23 08:54:57Event JSON
{
"id": "60bba8fbca97cd3978925aca933dbd7b9dd14447b144c0f5d21a4a2f61823cd9",
"pubkey": "4abbb44507cf6e97d6239cff9a01a00ee4f59735956b8631355ffa19a716e6c6",
"created_at": 1716454497,
"kind": 1,
"tags": [
[
"t",
"Lockbit"
],
[
"t",
"threatintel"
],
[
"proxy",
"https://chaos.social/users/christopherkunz/statuses/112489561964994109",
"activitypub"
]
],
"content": "A couple of days ago, LockBit had published an entry on their leaksite titled \"telekom.com\". I asked the Telekom press corps and they denied any incident.\n\nYesterday, LB also published the data allegedy from Telekom. I had a look at the files. So far, it seems that nothing in the 1.2GByte directory on their file share has anything to do with Deutsche Telekom. It seems that in fact, they breached a client PC owned by a non-profit in Hamburg.\n\n#lockbit #threatintel",
"sig": "abab6eae0179f6e61eb742636a500afcf9e789d7fdff60147a107f73b726af4804555123f91b77725ee114235c35fa3fb6e7850d01f581caa9c6a632ccd12646"
}