How Hackers And Cargo Thieves Orchestrated The Great Massachusetts Lobster Heist

In a story that at first blush appears to be something you would see in a heist movie on Netflix, criminals stole 40,000 pounds of lobster meat valued at approximately $400,000 from a warehouse in Taunton, Massachusetts and vanished without a trace. The lobster had been intended for delivery to Costco stores in Illinois and Minnesota but, unless authorities are able to apprehend the criminals soon, will most likely end up being sold on the black market. According to Dylan Rexing, the CEO of Rexing Companies the freight broker that was coordinating the lobster shipment, the value of the lobster on the black market would be $200,000.

In a twist worthy of my future possible Netflix movie, just ten days earlier a large shipment of crab was stolen from the same facility. Lobster and shrimp are attractive targets for criminals because the lack of any kind of serial number makes them hard to trace and they can easily be sold on the black market.

Setting the stage for the crime begins with sophisticated hackers compromising a freight broker’s load board account, which is an online marketplace where trucking loads are listed and bid on. As typical in many data breaches and other cyberattacks, the accounts are compromised through social engineering and spear phishing. After taking over a freight broker’s account, the criminals then post a fraudulent load listing offering an attractive shipment. When a legitimate trucking company or dispatcher responds to the phony load listing, the criminals reply with an email with malware contained in a link that appears to be a shipping document or contract. When the legitimate trucking company clicks on the link, remote monitoring and management (FMM) software is surreptitiously installed on the legitimate trucking company’s computer thereby giving the criminal full access to the legitimate company’s computer network enabling them to pose as the legitimate company and bid on deliveries or to pose as the legitimate company and send emails that appear to be from the legitimate company related to already contracted deliveries. The criminals invade the supply chain so that even when a truck is dispatched for a legitimate load, the criminals make sure they get there first. The thieves show up with trucks bearing the markings of the legitimate companies they pose as and pick up the items to be delivered. Once the loaded trucks leave the warehouse, they disable the GPS tracking used in shipments Cybersecurity company Proofpoint issued a report in November of 2025 that details how these thefts are accomplished.

It has been hypothesized that more traditional organized crime rings that may have hijacked trucks in the past are partnering up with new cybercriminals who are in effect the IT department for the older crime groups which could be a great subplot for my Netflix heist movie.

Testifying before the House Judiciary subcommittee, Chris Spear, the president of the American Trucking Associations said, “Straight theft has been around since trucks have been on the road. It involves the physical theft of cargo from a distribution center of the back of a truck.” However, noting the evolution of this crime, he told the committee “Strategic theft involves the use of advanced cyber tactics to trick shippers, brokers, and carriers, to divert and hand over loads. This high-tech form, cargo theft has become a digital Renaissance for thieves, surging 1,500% since 2021.”

MORE FOR YOU

And while the lobster theft may make a great Netflix heist movie, criminals are able to use hacking technology to monitor trucking contracts to pick and choose the most lucrative targets which include food and beverages (including lobsters); electronics and high-end tech products; metals, especially copper; pharmaceuticals and household goods.

The National Insurance Crime Bureau (NCIB) estimates the annual losses from cargo theft to be $35 billion.

Combating this new partnership of organized crime trucking hijackers and cybercriminals will require close collaboration between law enforcement, government agencies and the commercial trucking industry. In 2022 the Department of Homeland Security launched Operation Boiling Point (particularly appropriate for the lobster heist) to combat organized crime groups involved with cargo thefts and organized retail crime through such collaboration.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts