A group that identifies itself as Adrastea has announced on various cybercriminal forums the sale of information attributed to European missile maker MBDA. The company is one of the leading European designers and manufacturers of missile systems and was formed by the merger of Aérospatiale-Matra Missiles, Finmeccanica and Matra BAe Dynamics in December 2001. The group claims to have 60 GB of data and has published samples that include documents related to the Italian Army. On the BrachForums portal, the group’s post was made in Italian.
The sample data appears to be related to the customizations (MoD) made for Italy by the company. MBDA is the only integrated defense company to supply missiles and missile systems to all branches of the armed forces (air, sea, land).
It is a group with over 13,000 employees working in France, Germany, Italy, Spain and the United Kingdom. There are also offices in the US.
The group’s ad reads “Hello! Who we are ????? – a group of independent experts and researchers in the field of information security. We detected critical vulnerabilities in the network infrastructure and gained access to the company’s confidential files and data. Currently, the volume of downloaded data is around 60GB. The downloaded data contains confidential and closed information about your company’s employees, who participated in the development of MBDA’s closed military projects (PLANCTON, CRONOS, CA SIRIUS, EMADS, MCDS, B1NT, etc.) and about commercial activities with the Ministry of European Union Defense (air defense design documentation, missile systems and coastal protection systems, drawings, presentation, video and photographic (3D) material, contractual agreements and correspondence with other companies Rampini Carlo, Netcomgroup, Rafael, Thales, ST Electronics etc…)
If confirmed, it will be the second in two weeks on Italy’s critical infrastructure: last week, the LockBit group claimed to have broken into the Italian tax department (equivalent to the IRS). However, the state-owned company Sogei spa reported that the first analyzes carried out did not indicate the occurrence of cyber attacks or data theft on the technological platforms and infrastructure of the Financial Administration.
Source: CisoAdvisor
