According to many sources, Taiwanese computer hardware company Gigabyte Technology has become the target of the RansomExx group cyber attack.
Gigabyte mainly produces motherboards, but it also shifts to other hardware such as graphics cards and other PC components. The Chinese news website Bleeping Computer and United Daily News also confirmed the attack.
According to BleepingComputer, RansomwareExx is the culprit of this attack. Trojan based malware is infected systems via email. With a protected Word document, the victim’s computer is infected and the file is encrypted. Then it will display a countdown counter and warn that if the ransom is not paid on time, the file will be deleted. Gigabyte contacted law enforcement, but didn’t make it clear if it would pay the ransom.
Ransomware group RansomEXX claims to have stolen 112 GB of confidential internal data and information in the code basestolen late at night on August 3rd and August 4th.
However, there are reports that some websites have been shut down and support services are particularly affected.
The organization is also associated with Defray, a cybercriminal that started operations in 2018.RansomEXX was established in 2018 under the name Defray, but was renamed in 2020 with the goal of targeting high profile organizations.
It is not surprising that PC companies face these attacks. Not only do they have the money to pay the ransom, but they also have many technical secrets that they are eager to protect. However, this series of attacks is still worrying. In addition to the short-term financial impact, there is also concern that these attacks may reveal trade secrets and cause long-term damage.