LockBit Ransomware operators hit Swiss helicopter maker Kopter

Pierluigi Paganini December 06, 2020

LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site.

The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files.

Kopter Group is Switzerland-based company that was founded in 2007 that was acquired by Leonardo in April 2020.

The company focuses on the design of small and medium-class civilian helicopters such as the SH09 helicopter.

After Kopter refused to pay the ransom, LockBit ransomware operators published the stolen files on their leak site on the dark web

The files published by the ransomware gang on the leak site include internal projects, business documents, and various aerospace and defense industry standards.

kopter ransom-page
Source ZDNet

LockBit ransomware operators told ZDNet that they have accessed the network of the helicopter maker via a VPN appliance that was poorly protected.

“In an email, the operators of the LockBit ransomware told ZDNet that they breached Kopter’s network last week by exploiting a VPN appliance that used a weak password and did not have two-factor authentication (2FA) enabled.” reported ZDNet.

At the time of this writing, Kopter has yet to publicly disclose the ransomware infection.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment