Posted on August 12, 2021 at 6:50 PM
Gigabyte suffered from a massive malware attack that was allegedly orchestrated by the hacker group RansomEXX. Details from the company state that the attack did not affect the firm’s production line, but it affected several internal servers.
The attack affected several operations of Gigabyte, including the support system, which is yet to be restored. This has posed a significant issue with customers who want to access warranty services regarding repairs and updates.
Currently, the hackers behind the attack have issued a threat to Gigabyte, claiming to release the stolen data. Some of the details that the hackers have threatened to release include confidential details from AMD, American Megatrends and AMD.
These three firms are involved in manufacturing PC parts such as computer chips, graphic cards and motherboards. It is alleged that the hackers attacked screenshots of the data they acquired and were intending to leak. However, this data is under an NDA and has not been shared with the public.
Gigabyte Ransomware Attack
Gigabyte is a company that is popular for manufacturing PC components, including motherboards and graphics cards. The firm also deals with other devices such as laptops and gaming monitors that go by Aorus.
The Taiwanese based firm suffered a major attack by RansomEXX on Tuesday that led to 112GB of data being stolen. The hackers threatened to publish the information unless the company pays a ransom.
The hacking attack happened on Tuesday night, and the company was forced to take down its PC systems in Taiwan. Various websites of the company were also affected, and mainly its support site remained inaccessible.
Gigabyte has failed to mention the amount of ransom demanded by the attackers. However, various sources have revealed that the group creates ransom notes that give companies details about the email addresses they should use to communicate and negotiate on the ransomware price.
Gigabyte did not give an official press statement on the matter, and it failed to mention publicly that RansomEXX was behind the attack. However, the company has separated the affected servers, contacted law enforcement agencies, and launched an investigation into the issue.
RansomEXX is an operation that was launched in 2018 under the name Defray before rebranding in June 2020. The group gains access to a network using the Remote Desktop Protocol and later exploits and steals user data.
Once the hackers breach the network, they continue retrieving credentials and control the Windows domain controller. The data stolen will then be used as leverage to extort companies before paying a ransom.
The group has been behind various attacks, including the Lazio region in Italy and the Nacional de Telecomunicacion in Ecuador. It has also been linked to ransomware attacks on Konica Minolta, IPG Photonics, Texas Department of Transportation, Tyler Technologies and various government networks in Brazil.
Cybersecurity Crimes on the Rise
Cyber related crimes have been on the rise in the pay year. Like in the case with Gigabyte, Acer was also hacked by the REvil group, which also targeted corporate data. After hackers gained access to the data, they demanded a ransom of $50 million to return it. Despite the hack happening at the beginning of the year, Acer has failed to mention its outcome.
Besides affecting technological firms, ransomware attacks have also become prevalent in hospitals, energy firms and insurance companies. The US Colonial pipeline also recently suffered a major attack that led to massive losses. The SolarWinds hack was also another major hacking attack this year.
One of the major factors that have influenced the rise in hacking activities is the shift to working from home structures caused by the Covid-19 pandemic. Because companies have to launch external communications with employees, their online systems have been open to vulnerabilities that hackers exploit. These hacks have since grown beyond the technological sector.
Food companies have also been affected by these hacking attacks. One of these companies is JBS Foods, a meat processing company recently forced to part $11 million in May after hackers encrypted their data.
It is still not clear as to the amount that RansomEXX will go with after this hacking attack. Like in the case of Gigabyte, most companies affected by ransomware attacks hide some of the details related to the attack. Nevertheless, it has become clear that cybersecurity is a major issue that needs to be dealt with, especially as companies embrace technology. Companies are being forced to invest in stronger cybersecurity systems that will enforce the security of their online systems.