Gigabyte is one of several Taiwanese technology companies that have fallen victim to a ransomware attack. This includes Acer, which a few months ago became the target of ransomware.
The ransomware attack that hit Gigabyte did not have an impact on their production systems. Because this ransomware ‘only’ attacks a small number of internal servers at Gigabyte’s headquarters.
According to Gigabyte, the server is now able to operate again because the data has been restored from an existing backup. But the problems of the ransomware attack did not stop there.
RansomExx, the syndicate behind this ransomware attack, apparently in addition to locking data on the server also stole Gigaabyte data. The amount is not less than 112 GB, which contains various confidential information.
For example, the secret message between Gigabyte and several companies such as Intel, AMD, and American Megatrend. Including several documents with the status of a non-disclosure agreement (NDA), aka also confidential.
Predictably, the perpetrator threatened Gigabyte to leak the documents if they didn’t want to pay the ransom, quoted detikINET from Techspot, Monday (9/8/2021).
Currently, Gigabyte is still figuring out how the ransomware was able to infiltrate their internal network. However, it seems that the ransomware attack started with a phishing action via email or it could also use stolen data obtained from various sources.
These two methods are the most common tactics criminals use to infiltrate ransomware into their victims’ networks.
This Ransomware to Gigabyte is not the only action RansomExx, which before 2018 operated under the name ‘Defray’. They have previously attacked technology companies such as Garmin, Acer, Compal, Quanta, and AdvanTech.
Even last month they attacked the COVID-19 vaccination registration system in Italy, they also attacked CNT, the state-owned telecommunications operator in Ecuador.
Watch Videos”The Advantages of the Latest Generation AMD Ryzen 5000 Series Processors“