Clop Ransomware Operators Publish Blueprint of Military Radar System

Cybercriminal group Clop has published on the darknet a CAD drawing of a military radar system developed by military contractor Leonardo and installed on a number of US and UAE aircraft.

As reported by The Register, the ransomware had at least one drawing of the Leonardo Seaspray 7500E radar antenna. Sources familiar with military radar systems and antennas looked at the leaked blueprint, identified the device, and confirmed the model.

The blueprint was stolen by Clop operators in a cyberattack on the Canadian aircraft manufacturer Bombardier. According to experts, all information stolen by criminals dates back to the beginning of the 2010s.

According to the results of the investigation, it became known that the criminals gained access to data by exploiting a vulnerability in a third-party file transfer application running on specially created servers isolated from the main IT network of Bombardier.

Although the company did not name the application, it is believed to refer to the Accellion FTA file sharing software used by companies to host and share large files that cannot be emailed to customers and employees. The attacks on FTA by Accellion began in December 2020 and resulted in to the compromise of data belonging to Accellion customers. During the attacks, the attackers exploited multiple vulnerabilities in the file-sharing software. According to the company, all vulnerabilities were fixed, and "only 100 out of 300 FTA clients were victims of the attack."

Previous Post Next Post