Saturday, July 24, 2021

Italian police arrest suspects in Leonardo Army, defense data theft


A former worker and collaborator are accused of siphoning off sensitive data for nearly two decades.

Italian authorities have detained a former employee of Leonardo SpA and another person for the theft of sensitive military and corporate information.

Last week, Italian law enforcement officials said that the pair, one of whom was an IT director for Leonardo, were detained for allegedly compromising the company’s network by deploying malware capable of quietly exfiltrating sensitive information.

The malware, described as a Trojan variant, was loaded via USB sticks plugged into the workstations and stayed undetected from approximately May 2015 to January 2017.

In 2017, Leonardo’s cybersecurity team discovered anomalous network traffic from these workstations directed to a command-and-control (C2) host, fujinama.altervista.org. The domain has been seized by Italian authorities.


The malware was able to quietly exfiltrate classified and valuable company information, including military data, and maintained persistence by executing automatically on each workstation.

Initially, the defense contractor thought the data exfiltration was a small and relatively insignificant incident; however, Italian law enforcement says a subsequent investigation revealed a “more extensive and severe situation.”

Reconstructions of the incident conducted by law enforcement indicate that around 10GB of data, or 100,000 documents, was stolen during the campaign, concerning security and protection plans, HR, merchandise supply, and component design for military and civil aircraft, in addition to employee credentials.

Italian prosecutors have accused the pair of “violent accessibility to computer systems, unlawful interception of digital communications, and [the] illegal processing of personal information.”

The head of Leonardo’s cybersecurity team has also been placed under house arrest for allegedly misleading and hindering investigative efforts into the cyberattack.

In a statement, Leonardo said that the arrests relate to a person who is not an employee of the company, as well as a “non-executive” former member of staff.

“The organization, which is the injured party in this event, has supplied maximum collaboration since the start and will continue to do so to allow the researchers to explain the episode, and also for its defense,” Leonardo added.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.
