Gigabyte Technology, a Taiwanese computer hardware company, has suffered a major security breach, reportedly carried out by a hacker organization RansomEXX.
The culprits are said to be in possession of the company’s valuable data and threatening to release over 100 GB of sensitive data if it fails to pay the ransom. The compromised data include several classified Intel, including American Megatrends and AMD documents.
As per the reports, the company’s internal servers are also said to be affected by the attack, with no major impact on any of its production systems.
Gigabyte under Ransomware Attack
The unfortunate incident forced the company to turn off its systems in Taiwan, causing momentary inaccessibility of its website and support sites. Currently, most of Gigabyte’s official website and its support sites are temporarily down and inaccessible.
Gigabyte has confirmed the reports of the ransomware attack via the Chinese website United Daily News on Friday. As per the company’s spokesperson, the attack has only affected a small number of its servers.
However, the company hasn’t yet disclosed more information related to the attack. It’s unclear whether the tech company would consider meeting the hacker’s demands. In addition, the amount that the hackers are seeking hasn’t yet been shared with the public.
Law-enforcement authorities have already been notified of the situation, and the investigation is still ongoing. As of now, the company has not yet publicly named RansomEXX as the culprit.
Bleeping Computer, a tech publication, reported that the attack was masterminded by the hacking group RansomEXX. The hackers have asked the firm to contact them via email to start negotiations.
They received a link on their official site that is redirected to a page confirming the doings of the ransom group. The link has all the details about the stolen data, including several non-disclosure agreements. The tech giant also found four screenshots consisting of confidential documents and the debug document of American Megatrends and Intel documents.
Gigabyte Technology is widely known for its high-performance computer components such as graphic cards and motherboards. The company also has a line of laptops and other peripherals, available under the brand name “Auros.”
RansomEXX: a notorious group of online hackers
RansomEXX, formerly known as Defray, is notorious for carrying out several high-profile malware attacks. The group is previously involved in cyberattacks on the Corporacion Nacional de Telecommunication in Ecuador and the Lazio region of Italy.
Other companies that were attacked by RansomEXX include IPG Photonics, Tyler Technologies, Konica Minolta, the government networks of Brazil, and the Texas Department of Transportation.
These ill-intentioned online strangers benefit from the Remote Desktop liabilities and use stolen credentials to access the company’s protected network.
A drastic rise in ransomware attacks prompt companies to enhance their online security
Ever since the pandemic has forced companies to opt for remote working protocols, cybercriminals are on the hacking rampage and threatening companies to leak their valuable data in exchange for ransom.
Hence, it has become imperative for companies to use anti-ransomware software and reliable VPN services to keep their confidential data protected and secured against potential cyberattacks.
After Friday’s cyber-attack, Gigabyte has isolated the compromised servers, alerted local authorities, and initiated an investigation.