News

DoppelPaymer operators published in the public domain Boeing, Lockheed Martin, SpaceX and Tesla documents

The Register reports that DoppelPaymer ransomware operators published online documents that were stolen from industrial contractor Visser Precision because the company had not paid the ransom.

Let me remind you that the trend of recent months among cryptographic operators has been the publication data stolen from the affected companies in public access.

So, malware developers urge affiliates to copy the victim’s data before encryption, so that this information can then be used as a lever of pressure (and if this does not help, make it public or sell).

“Ransomware developers Maze, DoppelPaymer, Sodinokibi (REvil) and others have already launched own sites for these purposes. Stolen information may include company’s financial documents, employee personal information and customer data”, – according to information security specialists.

Visser Precision, a victim of the DoppelPaymer attack, is one of the largest industrial contractors in the United States, whose customers include industrial enterprises, as well as aerospace and automotive companies (e.g. Lockheed Martin, SpaceX, Tesla, Boeing, Honeywell, Blue Origin, Sikorsky, Joe Gibbs Racing and many others).

“DoppelPaymer attacked Visser Precision in March this year. Since the company did not pay the ransom on time (as a rule, extortionists demand hundreds of thousands or even millions of dollars to recover encrypted files), the attackers fulfill their threats and published a selection of stolen documents in the public domain”, – say The Register.

The leak affected Visser Precision customers such as Tesla, Lockheed Martin, Boeing, and SpaceX. The Register writes that among the published documentation can be found classified information about military equipment developed by Lockheed Martin, for example, the specification of the antenna for the mortar protection system. Financial documentation, information on suppliers, data analysis reports and legal documents were also published.

Journalists sought comment from all affected companies, but received no responses from Visser Precision, Tesla, SpaceX and Boeing. Only representatives of Lockheed Martin told the publication that they knew about the situation with Visser Precision, and currently the company follows a standard process for responding to potential cyber incidents related to the supply chain.

“Lockheed Martin has invested and continues to invest heavily in cybersecurity and uses industry-leading methods to protect sensitive data. When appropriate, we are ready to provide recommendations to our suppliers and help them increase their level of information security”, — said Lockheed Martin.

Let me remind you that Maze and DoppelPaymer operators promised not to attack medical facilities during the pandemic, but Maze soon broke these promises. DoppelPaymer, as we see, did not attack doctors, however, due to this criminals do not cease to be criminals.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
James Brown

Technology news writer and part-time security researcher. Author of how-to articles related to Windows computer issue solving.

Recent Posts

Remove Pbmsoultions pop-up ads (Virus Removal Guide)

Pbmsoultions.com is a domain that tries to trick you into clik to its browser notifications…

10 hours ago

Remove Prizestash pop-up ads (Virus Removal Guide)

Prizestash.com is a site that tries to trick you into subscribing to its browser notifications…

10 hours ago

Remove Verifiedbreaking pop-up ads (Virus Removal Guide)

Verifiedbreaking.com is a domain that tries to force you into subscribing to its browser notifications…

10 hours ago

Remove Themoneyminutes pop-up ads (Virus Removal Guide)

Themoneyminutes.com is a domain that tries to force you into subscribing to its browser notifications…

11 hours ago

Remove News-xcidizi pop-up ads (Virus Removal Guide)

News-xcidizi.com is a domain that tries to trick you into clik to its browser notifications…

14 hours ago

Remove Everytraffic-flow pop-up ads (Virus Removal Guide)

Everytraffic-flow.com is a domain that tries to trick you into subscribing to its browser notifications…

14 hours ago