Kopter Falls Prey to LockBit Ransomware
Kopter, a small and medium-sized civil helicopter maker acquired by Leonardo company earlier this year, was now attacked by ransomware. The perpetrators behind this incident were identified as the LockBit group, who have published stolen data on their leak site! Most ransomware operators maintain their own data leak sites on the dark web to dump the stolen data from their victims if they refused to pay. This hasn’t been in most cases, as many surrender when perpetrators leak a sample of the sensitive data and threaten them to dump the rest. As leaking them could give rise to more cyberattacks, most companies pay up a ransom to avoid leaking. Yet, few companies choose not to pay and let go. Kopter did the same!
This was known after the LockBit ransomware group, which hacked the Kopter last week, dumped their stolen data. The leaked data includes Kopter’s internal projects, business documents, and aerospace and defense industry standards. As reported by ZDNet, LockBit said that someone from Kopter had accessed the data leak site but didn’t show up for negotiating the ransom or didn’t pay up till now. Thus, they published all the stolen data. Also, LockBit revealed that they had compromised Kopter’s network through a VPN appliance with a weak password and no 2FA. Kopter hasn’t published any security report yet, nor replied anything on this incident when asked by ZDNet.