The Australian branch of Malibu Boats, a company specializing in the production and sale of water sports towboats, was recently identified as the alleged victim in a significant ransomware event. Thousands of files are believed to have been stolen from the manufacturer, whose parent company originated in California in 1982 and maintains a substantial share of the global towboat market. This incident marks a notable attack on the country’s manufacturing sector.
The threat actor behind the breach is reportedly the Qilin ransomware group, which operates on a ransomware-as-a-service model. The group added the Australian manufacturer to its dark web leak site on October 29. Qilin is a known entity in the cybercrime landscape, having been active since August 2022 and recognized for leasing its malicious tools to affiliates in exchange for a percentage of any successful ransom payments.
According to the claims made by Qilin, the group successfully exfiltrated a massive haul of data from Malibu Boats Australia, totaling 160 gigabytes and including more than 148,000 individual files. Such a large volume of data could potentially contain sensitive operational, commercial, or personal information, which poses a significant risk to the company and its stakeholders.
Despite the serious allegation that this information has now been made public by the attackers, certain details remain unconfirmed. Specifically, the link provided by the ransomware group for the allegedly leaked data was not accessible when reporters attempted to verify the claim. Furthermore, no sample files or additional specific details regarding the contents or sensitivity of the data allegedly taken from the Australian operations have been released to the public.
The Qilin group has established itself as one of the more prolific and active players in the ransomware space globally, having claimed responsibility for nearly 700 incidents since its emergence. Their continued activity and this latest claim against Malibu Boats Australia highlight the ongoing and evolving cyber risks faced by businesses worldwide, emphasizing the need for robust defensive measures.