Massive Airspan Networks leak
The first file was added on 2021-11-18 and the last one on 2022-01-12 so the leakers were sitting on the information for a bit. CISA issued a warning on Airspan Networks Mimosa a week ago.
Greetings! Today we want to tell about the Airspan Networks. It's a huge company working in 4G/5G broadband wireless products and solutions worldwide. They got a lot of very important companies among their clients and partners, even from the S&P500 list. However, they still got a lot of mistakes allowing the network breach and further leak of information. After multiple notifications and attempts to resolve these issues, we were trying to offer our help in security measures and also avoiding Data leak. But the situation is that Airspan and their Leader-board with Mr.Eric Stonestrom and Mr.David Brant at the head, did not attach importance to our warnings. Maybe they thought only about how save their money, or maybe they thought that nothing serious can happens even when they allow such a huge leak. And it's really huge Leak, the IT-department missed the downloading of more than 1TB of sensitive Data, in our opinion that is a big volume of data, which couldn't be just missed, when the security services works promptly. Well, we can't tell the exact reasons, why are the Airspan is so reckless, but we do know that they are agreed for this leak due to it's inconsistency and disgusting security policy. According to our rules, we are publishing the proofs with whole Data volume, for everyone who is interested. Since this company absolutely doesn't care about the privacy of their clients/partners/employees and etc., nor at the stage of protecting their network, neither after the fact of hacking and reports of a possible leak. Our team demanded a bounty, for the information regarding vulnerabilities and helping with the security measures, after negotiations we have greatly reduced the amount but they still refused to compromise. Airspan values your privacy less than $1 mil. For so much they allowed this leaked. We believe greedy pays twice and now the Airspan will face multiple penalties and lawsuits because of data leak. Here you can find about 1TB of sensitive data downloaded from Airspan network. Password for archives: Jdfio4589NzxkjspwDF_erio4501Si$ZnsioX Password for archives in "Bitbuck" folder: 1029384756 http://wxbpssv4hiwlcgt4cxam3cznu4feqgf5pqfibbku3x6dwvtcakdkyeid.onion/AIRSPAN/ Even with all that information on hands the Airspan along with it's affiliated companies and their Leadership decided to allow this leak instead of a paying some reward.
Some screenshots provided by Ragnar_Locker on their website follow: 1, 2, 3, 4, 5, 6, 7.
Airspan is a leading 4G/5G RAN hardware and software vendor, as well as a Fixed Wireless network densification solution provider, with an expansive portfolio of indoor and outdoor products. official site
Airspan Networks is an American telecommunications company headquartered in Boca Raton, Florida, developing Radio Access Network technology including the Sprint ‘Magic Box’ and both small cells and macro cells for the Rakuten virtualized network. Wikipedia
Use Tor Browser, of course, and click this link.
Well, Ragnar_Locker seems to have exfiltrated everything from Airspan’s internal network.