Motherboard vendor GIGABYTE hit by RansomExx ransomware gang
Taiwanese computer hardware vendor GIGABYTE has suffered a ransomware attack, and hackers are currently threatening to release more than 112 GB of business data on the dark web unless the company agrees to their ransom demands.
The Taiwanese company, primarily known for its high-performance motherboards, confirmed the attack in a phone call and in a message on its (now-down) Taiwanese website.
A spokesperson said the incident did not impact production systems. Only a few internal servers at its Taiwanese headquarters have been affected and have now been taken down and isolated.
The company is currently in the process of investigating how the hackers breached its systems, stole files, and encrypted local copies. Local law enforcement has also been notified.
RansomExx gang takes credit
While the company did not name the attackers, The Record obtained access through a source to a dark web page containing the ransomware gang's extortion demands.
The page is hosted on a dark web portal where members of the RansomExx ransomware cartel usually host threats to hacked companies and leak data from those that refuse to pay.
We have downloaded 112 GB (120,971,743,713 bytes) of your files and we are ready to PUBLISH it.Message on RansomExx extortion page
Many of them are under NDA (Intel, AMD, American Megatrends).
Leak sources: [redacted]gigabyte.intra, git.[redacted].tw and some others.
The ransomware attack on GIGABYTE's Taiwan headquarters is the latest in a long list of ransomware attacks that have hit Taiwan's tech sector over the past few years.
Previous victims include Acer, AdvanTech, Compal, Quanta, and Garmin.
Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.