SpaceX's precision parts manufacturer just got hacked
In a major shocker, Visser Precision, a custom parts manufacturer for some of the biggest space, auto, and defense contractors - including companies like SpaceX and Lockheed Martin, has been hit by a security breach. The company was reportedly attacked by a novel strain of ransomware, which allowed attackers to steal some of its confidential business data. Here's all about it.
Ransomware used to steal and then publish Visser's data
As first reported by TechCrunch, Visser's systems were compromised by DoppelPaymer, a new kind of ransomware that steals files and then threatens to publish them if a certain amount of money is not paid on time. In this case, it is not clear how much ransom the company was asked to pay, but its data has been spotted on a website.
A lot of confidential data leaked on the site
The database published on the site in question included a lot of confidential information related to Visser and its clientele. Specifically, it contained a list of folders designated to different customers, including SpaceX, Tesla, aircraft company Boeing, and defense giant Lockheed Martin. Within each folder, one could find files related to Visser's business with the companies, starting from NDAs to different ongoing projects.
Missile antenna details from Lockheed Martin were also leaked
According to the researchers who discovered the site and its database, the batch information even had a file that looked like the schematic of a missile antenna. It was designated as "Lockheed Martin proprietary information."
Lockheed says it is aware of the situation
Though it looks like Visser has compromised some extremely confidential data associated with ongoing/planned defense, space, and auto projects, many affected companies have not commented on the matter. Meanwhile, a spokesperson from Lockheed Martin said the company is "aware of the situation with Visser Precision and are following our standard response process for potential cyber incidents related to our supply chain."
Visser says business is 'operating normally'
In response to TechCrunch, Visser confirmed the breach but said business has not been affected by it. A spokesperson for the company said they were "the recent target of a criminal cybersecurity incident, including access to or theft of data" while emphasizing that the company is still conducting a "comprehensive investigation of the attack, and business is operating normally."
DoppelPaymer had also targeted Chilean government
The attack on Visser marks the latest target for DoppelPaymer. The ransomware has been active since last year and has already been used to target the Chilean government and Mexico's state-owned petroleum company Pemex.
