infrastructure destruction squad
Photo
🔴 Breach Announcement SriLankan Airlines 🔴
We, the BLACKNET-00 ransomware group, take full responsibility for successfully breaching the internal network of SriLankan Airlines, the national carrier of Sri Lanka. The operation was executed successfully, and highly sensitive data has been exfiltrated.
The stolen data includes login credentials for all internal systems such as FTP, PRTG, RDP, Intranet, OWA, and IMAP, along with SSL certificate files and internal software installation packages. We have also obtained the company's operational and training documents, the complete flight management system (ngcs-flights), the operations management system (ngcs-operations), and the airport and ground handling system (ngcs-ghoperations). Additionally, we have accessed the main corporate database (ngcs-masters), the internal rating system (ngcs-rating), system logs including Log4j files, and a wide range of internal emails.
Other compromised materials include the station and aircraft maintenance manual, the list of approved maintenance stations and agents, employee information and job numbers, supplier contracts and commercial agreements, flight schedules and operational data, server and device access permissions, and the complete internal network map. We have also obtained sensitive configuration files, full Remote Desktop Protocol (RDP) access, engine maintenance reports for Pratt & Whitney IAE V2500 engines, confidential technical documents for engine components, the Line Station Handling Manual, emergency and AOG spares procedures, and the list of certified maintenance agents.
Furthermore, we have acquired quality and safety audit records, full PRTG monitoring system data including login credentials and support tickets, contact details of system administrators such as ul_mitravindu@srilankan.com, technical reports on engine failures, photographic evidence of damaged engine parts, precise VSV clearance measurements, engine performance data sheets (N2, EPR), airworthiness certificates (FAA: Z3EY983Y), names of maintenance engineers including Mick Quirke, Chris Grosvenor, and Ian Carmichael as well as the company's internal information security policy documents
❤2
🔴 PRTG System Breach Update 🔴
✅ We have successfully gained access to the PRTG system!
Our team has successfully breached the PRTG Network Monitor system used by SriLankan Airlines, which is responsible for monitoring all servers, devices, and the entire internal network.
The information exfiltrated from PRTG includes full system log entries dated June 27–29, 2026, along with comprehensive server health monitoring data and performance alerts. We have also obtained detailed CPU load information for all servers, internet connectivity monitoring data for HTTP connections including response times, and server status reports showing uptime, warnings, and performance percentages. Additionally, we have captured server failure data including 503 Service Unavailable errors, as well as information on registered users, specifically the PRTG System Administrator accounts.
🔴FiveWest Platform Falls Victim to BLACKNET-00🔴
About the Platform:
FiveWest is a financial platform offering electronic payment services and money transfers dealing with companies and institutions across various sectors
❤2