What happened now? Taiwanese manufacturer Gigabyte was attacked by ransomware this week, and the group responsible for the incident threatens to release a 112GB treasure trove if the company doesn’t pay. The attackers failed to stop production, but this is the sixth Taiwanese company they have attacked in the past few years.
Ransomware attacks only get worse, especially when we talk about large companies and critical infrastructure. Last year, almost half of all claims from large organizations were from ransomware, with a total loss of more than $ 20 billion. Computer makers such as Acer have also become prime targets in recent times, with hackers demanding millions to provide the decryption key for sensitive files.
Earlier today, Gigabyte, a renowned manufacturer of servers, laptops, monitors, motherboards and video cards, said Taiwan’s United Daily News reported that it was hit by a ransomware attack on Tuesday night that did not affect production systems as it targeted a small number of internal servers located at its headquarters. The company says the servers have been restored from backup and brought online thanks to prompt security action, but the incident is far from over.
As discovered The Record, the ransomware gang responsible for the attack, is RansomExx, which claims to own at least 112 gigabytes of data, including confidential communications with Intel, AMD and American Megatrends, as well as documentation under the NDA. The group threatens to go public if Gigabyte doesn’t want to pay.
The company is still investigating the root cause of the hack, but chances are it started with phishing emails or stealing credentials purchased from an online source, as is common with these attacks.
This is not the first time for RansomExx, which operated as Defray until 2018 and has a history of attacks against Taiwanese companies such as Garmin, Acer, Compal, Quanta and AdvanTech. Over the past month, he also attacked Covid-19 vaccination booking systems in Italy and Ecuador’s state telecommunications company CNT.