Cyberattack on Apollo Aerospace Components: A Ransomware Threat by Dunghill Leak

Incident Date: Apr 15, 2024

Attack Overview

Victim: Apollo Aerospace Components
Industry: Manufacturing
Location: United Kingdom
Attacker: Dunghill
First reported: April 15, 2024

Ransomware Attack on Apollo Aerospace Components by Dunghill Leak

Company Profile

Apollo Aerospace Components, with an estimated annual revenue of $25.3 million and a workforce of 103 employees, is a notable entity in the aerospace manufacturing sector. The company has shown significant growth, with a 36% increase in employee count last year. Its Polish subsidiary, Apollo Aerospace Components Sp. z o.o., reported a substantial net sales revenue increase of 120.04% in 2021; it currently employs 4 individuals and operates in the Wholesale Trade Agents and Brokers sector.

Ransomware Attack Details

The ransomware group Dunghill Leak, also known as the Dark Angels Team, has claimed responsibility for a cyberattack on Apollo Aerospace Components. This group, which emerged in 2023, is known for its high-profile attacks and demands for multi-million dollar ransoms, often targeting companies based on their cyber insurance coverage. Dunghill Leak employs a double extortion tactic, which involves stealing sensitive data before encrypting the victim's systems and threatening to release the information publicly if the ransom is not paid.

Technical Aspects of the Attack

Initially, Dunghill Leak utilized the stolen Babuk ransomware source code to craft their own encryptor. They have also been observed using a tailored version of the Ragnar Locker ransomware. Recently, the group has developed a custom encryptor, enhancing their capability to breach and compromise corporate networks effectively.

Vulnerabilities and Target Selection

The victim's significant growth, combined with its substantial revenue and increase in employee count, likely made it an attractive target for Dunghill Leak. Organizations in the manufacturing sector, particularly those involved in aerospace components, often hold valuable intellectual property and sensitive data, which increases their risk of being targeted by sophisticated cybercriminal groups like Dunghill Leak.
