Massive Airspan Networks leak

February 11, 2022    Article    630 words    3 mins read


After peeking (with my eyes closed, I swear) through some of the archives, it looks as if EVERYTHING got exfiltrated from the Airspan servers, including confidential information, contracts (including several with the Israel National Cyber Directorate), source code, out of court settlements and such. No idea who leaked this and why but it is insane. It was leaked by Ragnar_Locker and it’s still insane.

For Funky Friday we have another massive leak floating on the DarkWeb (you know, the web that uses predominantly the dark website theme), this time from Airspan Networks. It’s about 1.1TB of archives that include customer and finance and sales data, Israel NDA (and contracts) and 29GB of Bitbucket repositories.

The first file was added on 2021-11-18 and the last one on 2022-01-12 so the leakers were sitting on the information for a bit. CISA issued a warning on Airspan Networks Mimosa a week ago.

Original message


Today we want to tell about the Airspan Networks. It's a huge company working in 4G/5G
broadband wireless products and solutions worldwide. They got a lot of very important
companies among their clients and partners, even from the S&P500 list.

However, they still got a lot of mistakes allowing the network breach and further leak
of information. After multiple notifications and attempts to resolve these issues, we
were trying to offer our help in security measures and also avoiding Data leak.

But the situation is that Airspan and their Leader-board with Mr.Eric Stonestrom and
Mr.David Brant at the head, did not attach importance to our warnings.

Maybe they thought only about how save their money, or maybe they thought that nothing
serious can happens even when they allow such a huge leak. And it's really huge Leak,
the IT-department missed the downloading of more than 1TB of sensitive Data, in our
opinion that is a big volume of data, which couldn't be just missed, when the 
security services works promptly. 

Well, we can't tell the exact reasons, why are the Airspan is so reckless, but we do
know that they are agreed for this leak due to it's inconsistency and disgusting
security policy.

According to our rules, we are publishing the proofs with whole Data volume, for
everyone who is interested. Since this company absolutely doesn't care about the
privacy of their clients/partners/employees and etc., nor at the stage of protecting
their network, neither after the fact of hacking and reports of a possible leak.

Our team demanded a bounty, for the information regarding vulnerabilities and helping
with the security measures, after negotiations we have greatly reduced the amount
but they still refused to compromise. 

   Airspan values your privacy less than $1 mil. For so much they allowed this leaked.

We believe greedy pays twice and now the Airspan will face multiple penalties and
lawsuits because of data leak.

   Here you can find about 1TB of sensitive data downloaded from Airspan network.
   Password for archives: Jdfio4589NzxkjspwDF_erio4501Si$ZnsioX
   Password for archives in "Bitbuck" folder: 1029384756


Even with all that information on hands the Airspan along with it's affiliated
companies and their Leadership decided to allow this leak instead of a paying some

Some screenshots provided by Ragnar_Locker on their website follow: 1, 2, 3, 4, 5, 6, 7.


Airspan is a leading 4G/5G RAN hardware and software vendor, as well as a Fixed Wireless network densification solution provider, with an expansive portfolio of indoor and outdoor products. official site

Airspan Networks is an American telecommunications company headquartered in Boca Raton, Florida, developing Radio Access Network technology including the Sprint ‘Magic Box’ and both small cells and macro cells for the Rakuten virtualized network. Wikipedia


Use Tor Browser, of course, and click this link.


Well, Ragnar_Locker seems to have exfiltrated everything from Airspan’s internal network.