Lockheed Martin responds to Iranian F-35 hacking claims

Air

24 March 2026

By: David Hollingworth

Following reports by hacktivist group APT-Iran that it had hacked the company, defence and aerospace giant Lockheed Martin has said it is aware of the threat actor’s claims.

“We are aware of the reports and have policies and procedures in place to mitigate cyber threats to our business,” a Lockheed Martin spokesperson told Defence Connect’s sister brand, Cyber Daily.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Defence Connect. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

“We remain confident in the integrity of our robust, multi-layered information systems and data security.”

APT-Iran boasted on its Telegram channel on 20 March that it successfully exfiltrated 375 gigabytes of data from the company, including sensitive files related to military hardware, including technical documentation related to F-35 Block 4, information on next-generation interceptor missile systems, contracts and internal communications, and employee-related data and internal emails.

The threat actor said the data was worth hundreds of millions of dollars and that it was considering selling the data to the highest bidder.

However, these claims remain unverified at the time of writing, as the group has not published any evidence of the hack.

Earlier in March, APT-Iran claimed to have successfully penetrated the Jordan Silos and Supply General Company via a phishing attack targeting one of its employees. The group said it was able to take control of temperature and moisture management systems and weight scales, raising temperatures to destroy grain stocks.

The group also claimed to have shut down inverters at a local solar power plant.

VIEW ALL

In addition, APT-Iran has also issued warnings to fellow travellers regarding possible compromise of Starlink devices and virtual private networks (VPN).

“Important notice for Starlink device users in Iran – this tool has fallen into the hands of Israeli intelligence and is being used to track the precise locations of individuals inside Iran,” the group said in Farsi on its Telegram channel.

“We warn users not to use these devices. We predict with years of experience that Starlink terminals are a precise tracking tool and will easily betray their users.”

APT-Iran said in a follow-up post that it was planning on shutting down Starlink devices in the country, and that it was going to expose “VPN sellers and their associates” as collaborators.

“We have no time for them”, an APT-Iran spokesperson said. “We will fight alongside you and expose the full details of their operations.”

Want to see more stories from trusted news sources?
Make Defence Connect a preferred news source on Google.
Click here to add Defence Connect as a preferred news source.

Tags: