16 June 2021

US nuclear weapons contractor Sol Oriens falls victim to REvil ransomware gang


US nuclear weapons contractor Sol Oriens falls victim to REvil ransomware gang

Sol Oriens, an Albuquerque-based nuclear weapons contractor, was reportedly hit by a REvil ransomware attack earlier this year.

Sol Oriens is the subcontractor for the U.S. Department of Energy (DOE) that works on nuclear weapons with the National Nuclear Security Administration (NNSA). The company told CNBC that it became aware of the “cybersecurity incident” in May and that the investigation is still ongoing.

According to the company’s statement, it “recently determined that an unauthorized individual acquired certain documents from our systems. Those documents are currently under review, and we are working with a third-party technological forensic firm to determine the scope of potential data that may have been involved.”

While Sol Oriens did not reveal the culprit behind the attack, it appears that the REvil ransomware group was behind it.

Earlier this month, the REvil gang added the Albuquerque-based firm to the list of victims it publishes on their darkweb website. According to REvil’s claims, they have stolen business data and employees' data, including salary information and social security numbers from Sol Oriens. To support their claims the gang shared images of a hiring overview document, payroll documents, and a wages report.

"Sol Oriens, LLC did not take all necessary action to protect personal data of their employees and software developments for partner companies," the the group wrote in the posting. "We hereby keep a right to forward all of the relevant documentation and data to military angencies [sic] of our choise [sic], includig [sic] all personal data of employees."

Recently the beef producer JBS has admitted to have paid an $11 million ransom to the REvil ransomware gang after the company was hit by a cyberattack.


Back to the list

Latest Posts

Free VPN apps on Google Play turned Android devices into residential proxies

Free VPN apps on Google Play turned Android devices into residential proxies

The threat actor behind this scheme profits by selling access to the residential proxy network to third parties.
28 March 2024
Cyber spies strike Indian government and energy sectors

Cyber spies strike Indian government and energy sectors

The operation involved phishing emails delivering the HackBrowserData info-stealer.
28 March 2024
Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

97 zero-day flaws were exploited in-the-wild in 2023, marking an increase of over 50% compared to 2022.
27 March 2024