On their darknet site, DopplePaymer ransomware operators congratulated SpaceX and NASA on the successful launch of their first private manned spacecraft, and then reported that they had compromised and infected the network with Digital Management Inc. (DMI), one of NASA's IT contractors.
According to official data, the DMI customer list includes a number of Fortune 100 companies, many government agencies and NASA among them. Edition Zdnet reports that it is not yet clear how deeply hackers were able to penetrate the network of the company, and how many cars were damaged as a result of the DopplePaymer attack. Journalists were not able to contact DMI representatives.
To confirm their statements, DeopplePaymer operators posted 20 archives with stolen data on the site. These archives contain a wide variety of information, from HR documents to project plans. The DMI employee information that can also be found in these files corresponds to public records on LinkedIn.
The criminals also unveiled a list of 2583 servers and workstations, which they claim to be part of the DMI internal network. Allegedly, all these machines were encrypted, and now the group requires a ransom for their decryption.