{"id":1769,"date":"2025-09-25T10:07:43","date_gmt":"2025-09-25T10:07:43","guid":{"rendered":"https:\/\/www.tsfactory.com\/forums\/?p=1769"},"modified":"2025-09-25T10:07:43","modified_gmt":"2025-09-25T10:07:43","slug":"european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested","status":"publish","type":"post","link":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/","title":{"rendered":"European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested"},"content":{"rendered":"<p><strong>The recent cyberattack aimed at aerospace and defense company Collins Aerospace, which has caused significant disruptions at major airports in Europe, reportedly involved a piece of ransomware known as HardBit.<\/strong><\/p>\n<p>The\u00a0<a href=\"https:\/\/www.securityweek.com\/hardbit-ransomware-offers-to-set-ransom-based-on-victims-cyberinsurance\/\">HardBit<\/a>\u00a0ransomware emerged in October 2022 and it came into the spotlight a few months later when it emerged that the cybercriminals were willing to negotiate ransom amounts based on their victims\u2019 cyberinsurance policy. Not much has been reported on HardBit since.<\/p>\n<p>Cybercriminals are using HardBit ransomware to encrypt files on compromised systems and they claim to steal data from victims but, unlike many other ransomware operations, they do not appear to have a website where they name victims and leak stolen data.<\/p>\n<p>The EU cybersecurity agency ENISA revealed on Monday that the\u00a0<a href=\"https:\/\/www.securityweek.com\/airport-cyberattack-disrupts-more-flights-across-europe\/\">airport disruptions<\/a>\u00a0were the\u00a0<a href=\"https:\/\/www.securityweek.com\/european-airport-disruptions-caused-by-ransomware-attack\/\">result of a ransomware attack<\/a>, but did not share additional details.<\/p>\n<p>Cybersecurity expert\u00a0<a href=\"https:\/\/cyberplace.social\/@GossiTheDog\/115254672566587831\" target=\"_blank\" rel=\"noopener\" data-target-set=\"true\">Kevin Beaumont<\/a>\u00a0reported on Tuesday that the attack involved a variant of HardBit, which he described as \u201cincredibly basic\u201d. Beaumont learned from sources that Collins Aerospace has been having difficulties removing the malware, with devices becoming reinfected following cleanup attempts.<\/p>\n<p>The BBC\u00a0<a href=\"https:\/\/www.bbc.com\/news\/articles\/cqjeej85452o\" target=\"_blank\" rel=\"noopener\" data-target-set=\"true\">reported<\/a>\u00a0earlier this week that over one thousand computers may have been impacted and that Collins had found the hackers still inside its network after it rebuilt and relaunched systems.<\/p>\n<p>Ransomware expert\u00a0<a href=\"https:\/\/x.com\/AlvieriD\" target=\"_blank\" rel=\"noopener\" data-target-set=\"true\">Dominic Alvieri<\/a>\u00a0told\u00a0<em>SecurityWeek<\/em>\u00a0that his sources also confirmed the involvement of HardBit in the attack. However, the researcher pointed out that the HardBit ransomware is offered under an affiliate program and anyone could have used it to target Collins Aerospace.<\/p>\n<p><a href=\"https:\/\/www.securityweek.com\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/\">Read the Full Story Here<\/a><\/p>\n<p>Source: Security Week<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The recent cyberattack aimed at aerospace and defense company Collins Aerospace, which has caused significant disruptions at major airports in Europe, reportedly involved a piece of ransomware known as HardBit. The\u00a0HardBit\u00a0ransomware emerged in October 2022 and it came into the spotlight a few months later when it emerged that the cybercriminals were willing to negotiate [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1770,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1769","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested - Community<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested - Community\" \/>\n<meta property=\"og:description\" content=\"The recent cyberattack aimed at aerospace and defense company Collins Aerospace, which has caused significant disruptions at major airports in Europe, reportedly involved a piece of ransomware known as HardBit. The\u00a0HardBit\u00a0ransomware emerged in October 2022 and it came into the spotlight a few months later when it emerged that the cybercriminals were willing to negotiate [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/\" \/>\n<meta property=\"og:site_name\" content=\"Community\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/TSFactoryLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-25T10:07:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2025\/09\/airlinecybersecurity.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"853\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chelsie Wyatt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:site\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chelsie Wyatt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/\",\"name\":\"European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested - Community\",\"isPartOf\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2025\/09\/airlinecybersecurity.jpg\",\"datePublished\":\"2025-09-25T10:07:43+00:00\",\"author\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#primaryimage\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2025\/09\/airlinecybersecurity.jpg\",\"contentUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2025\/09\/airlinecybersecurity.jpg\",\"width\":1280,\"height\":853},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.tsfactory.com\/forums\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/\",\"name\":\"Community\",\"description\":\"TSFactory\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\",\"name\":\"Chelsie Wyatt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"caption\":\"Chelsie Wyatt\"},\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested - Community","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/","og_locale":"en_US","og_type":"article","og_title":"European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested - Community","og_description":"The recent cyberattack aimed at aerospace and defense company Collins Aerospace, which has caused significant disruptions at major airports in Europe, reportedly involved a piece of ransomware known as HardBit. The\u00a0HardBit\u00a0ransomware emerged in October 2022 and it came into the spotlight a few months later when it emerged that the cybercriminals were willing to negotiate [&hellip;]","og_url":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/","og_site_name":"Community","article_publisher":"https:\/\/www.facebook.com\/TSFactoryLLC\/","article_published_time":"2025-09-25T10:07:43+00:00","og_image":[{"width":1280,"height":853,"url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2025\/09\/airlinecybersecurity.jpg","type":"image\/jpeg"}],"author":"Chelsie Wyatt","twitter_card":"summary_large_image","twitter_creator":"@TSFactoryLLC","twitter_site":"@TSFactoryLLC","twitter_misc":{"Written by":"Chelsie Wyatt","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/","url":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/","name":"European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested - Community","isPartOf":{"@id":"https:\/\/www.tsfactory.com\/forums\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#primaryimage"},"image":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#primaryimage"},"thumbnailUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2025\/09\/airlinecybersecurity.jpg","datePublished":"2025-09-25T10:07:43+00:00","author":{"@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f"},"breadcrumb":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#primaryimage","url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2025\/09\/airlinecybersecurity.jpg","contentUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2025\/09\/airlinecybersecurity.jpg","width":1280,"height":853},{"@type":"BreadcrumbList","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.tsfactory.com\/forums\/"},{"@type":"ListItem","position":2,"name":"European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested"}]},{"@type":"WebSite","@id":"https:\/\/www.tsfactory.com\/forums\/#website","url":"https:\/\/www.tsfactory.com\/forums\/","name":"Community","description":"TSFactory","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f","name":"Chelsie Wyatt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","caption":"Chelsie Wyatt"},"url":"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/"}]}},"_links":{"self":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1769","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/comments?post=1769"}],"version-history":[{"count":1,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1769\/revisions"}],"predecessor-version":[{"id":1771,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1769\/revisions\/1771"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media\/1770"}],"wp:attachment":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media?parent=1769"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/categories?post=1769"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/tags?post=1769"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}