BERLIN (Reuters) - German arms and car parts maker Rheinmetall said it had been hit by a malware attack affecting production at some sites in the United States, Mexico and Brazil, sending shares down in early trade on Friday.

FILE PHOTO: A woman walks past the logo of Germany's Rheinmetall AG ahead of the shareholder meeting at a hotel in Berlin, Germany, May 28, 2019. REUTERS/Fabrizio Bensch

“Normal production processes at these locations are currently experiencing significant disruption,” Rheinmetall said in a statement late on Thursday.

Rheinmetall shares, which have risen around 50% since the start of this year, were indicated to open 2.9% lower in early Frankfurt trade on Friday.

“The IT infrastructure in the region has been shut down and is currently being rebuilt”, Rheinmetall spokesman Peter Ruecker said, adding the company could not say who might have been behind it.

Cyber attacks, especially those which affect producers engaged in critical infrastructure, machinery and armament, are becoming a big headache for European blue chip companies.

On Thursday, France's AFP news agency reported that a series of cyber attacks on Airbus AIR.PA in the past few months was conducted via the computer systems of its suppliers and security sources suspect a link to China.

In July, German blue-chip companies BASF BASFn.DE, Siemens SIEGn.DE and Henkel HNKG_p.DE revealed they had been victims of cyber attacks, confirming a German media report which said the likely culprit was a state-backed Chinese group.

Rheinmetall said the IT shutdown is expected to last two to four weeks, with a financial impact of 3 to 4 million euros ($3.27 to $4.36 million) per week.

“We are still able to deliver according to schedule,” Ruecker said.

He said that the domain affected by the malware had been cut off from Rheinmetall’s corporate network and that only the Automotive branch -- and thus none of Rheinmetall’s armament operations -- were affected by the attack.