Conti ransomware hits Apple, Tesla supplier
Image: Kurt Von
Catalin Cimpanu January 27, 2022

Conti ransomware hits Apple, Tesla supplier

Conti ransomware hits Apple, Tesla supplier

The Conti ransomware gang has been linked to an attack on Delta Electronics, a Taiwanese electronics manufacturing company and a major supplier of power components to companies like Apple and Tesla.

The attack took place last Friday, on January 21, according to a statement shared by the company with stock market authorities.

The company said the attack was detected right away, and its security team intervened to contain infected systems and begin recovery operations.

Delta, which is primarily known for its powerful UPS solutions, said the attack did not impact its production systems.

However, in a report today from local tech news site CTWANT, a reporter claims to have obtained a copy of an internal incident report detailing the attack in far-grimmer conditions.

More than 1,500 servers and more 12,000 of Delta’s 65,000 computer fleet were encrypted by the attackers.

Delta, who is supposedly working with Trend Micro and Microsoft to contain the damage, is said to have found a copy of the ransomware deployed inside its network, which was identified as a version of Conti.

The attackers allegedly requested a ransom demand of $15 million from the Taiwanese electronics maker.

At the time of writing, Delta’s name has yet to be mentioned on Conti’s leak site, which typically means that the two entities are still negotiating a payment.

According to a source familiar with the attack who tipped The Record about the incident, the company has yet to restore most of its systems, and its official websites remain offline. The company is using an alternative web server to keep in contact with its customers.

A Delta spokesperson has not yet returned a request for comment sent earlier this week.

File hash of the Conti sample that was allegedly deployed inside Delta’s network: 5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.