Homedata privacyHardware giant Gigabyte hit by ransomware attack

Hardware giant Gigabyte hit by ransomware attack


Gigabyte, the Taiwan-based computer hardware manufacturer, has been subject to a ransomware attack by the RansomExx ransomware gang. According to an article by The Record, the hacker organization is currently in possession of approximately 112 GB of company business data and are threatening to release it on the dark web if Gigabyte did not comply with their ransom demands. In a phone call, the Taiwanese company confirmed the attack to The Record and also posted a message on its Taiwanese website.

A spokesperson from the company told The Record that the ransomware attack did not affect the company’s production systems. It was reported that the attack was focused only on a few internal servers at the company’s Taiwan-based headquarters. It has been confirmed by the company that the affected systems have since been isolated and taken down.

The Taiwanese hardware giant is best known for its PC components like motherboards and graphics cards, but they also manufacture other peripherals like gaming monitors under the name of ‘Aorus’, and also have a line of laptops under the same branding.

How the Gigabyte ransomware attack happened

The ransomware attack happened late on Tuesday night into Wednesday, and the attack forced Gigabyte to shut down its systems in Taiwan. The ransomware attack also affected Gigabyte websites from a lot of regions, including its technical support site and parts of its Taiwanese website.

Source: Bleeping Computer

While talking to The Record, Gigabyte did not specifically mention the name of the attackers. However, the article claims that, after obtaining access to a dark web page through a source, it was found that the ransomware gang responsible for the attack had posted their demands in an attempt to extort Gigabyte.

Source: The Record
Source: The Record

It has been stated that the dark web portal is a page where members of the RansomExx ransomware gang regularly host their threats to hacked companies and also leak the data of those companies that refuse to comply with the gang’s extortion demands.

According to the gang’s extortion page, seen by The Record, they are threatening to publish 112 GB of data that it took from Gigabyte’s internal servers. The gang also claimed that they were in possession of some documents that were secured under non-disclosure agreements from major companies like Intel, AMD, and American Megatrends (a company that creates firmware for motherboard and computer manufactures including Gigabyte).

We have downloaded 112 GB (120,971,743,713 bytes) of your files and we are ready to PUBLISH it.
Many of them are under NDA (Intel, AMD, American Megatrends).
Leak sources: [redacted]gigabyte.intragit.[redacted].tw and some others.

The message by RansomExx to Gigabyte on the gang;s extortion page

RansomExx is a ransomware gang that started in 2018 by the name of Defray, but later “rebranded” to RansomExx in 2020. According to Bleeping Computer, the gang has been much more active in recent times having attacked Ecuador’s National Telecommunications Corporation (CNT), and IT systems at Lazio, Italy.

The current scenario

PC and component manufactures are a very common target for hackers. Earlier this year, Acer was reportedly hit with a $50 million ransomware demand by the REvil group, which would go on to target one of the suppliers of Apple. Gaming giant EA was also subject to a ransomware attack where the hackers released all the stolen data.  

As of now, Gigabyte is yet to disclose the amount demanded by the ransomware gang. As per the dark web page, they have directed the company to contact them via email to begin negotiations. It is still unclear as to whether Gigabyte is in contact with RansomExx or if they are considering anything.

As per The Record, the company is currently in the process of investigating how the hackers breached its systems, stole files, and encrypted local copies. The company has also reportedly notified law enforcement.

The Gigabyte ransomware attack is just another attack in a year that has seen the likes of Fujifilm, Colonial Pipeline, Kaseya, Electronic Arts, and Saudi Aramco amongst the many big names hit by ransomware gangs.  

Related articles:

Authors led by Pulitzer prize winner Michael Chabon sue ChatGPT for copyright infringement

A group of U.S. authors, including Pulitzer Prize winner...

Google mandates election ads to ‘prominently disclose’ AI content

Starting this November, Google will require political advertisements to...

Microsoft to indemnify and defend its AI product users from infringement claims

Microsoft on Thursday said it will assume legal responsibility...

Data Protection Act and its impact on processing employee data

The data protection law finally became a reality when...

Data Protection Board to be notified soon: MeiTY MoS Rajeev Chandrashekhar

The government will soon notify the Data Protection Board...