Foxconn Hit By Ransomware Actors Who Demand $34 Million

• Foxconn, the “maker of everything,” had a nasty ransomware disruption on the Mexican facilities.
• The company didn’t make anything about the incident public, but the first stolen data has leaked now.
• The actors are “DoppelPaymer,” and they are demanding a payment of $34 million in BTC.

Foxconn, the world’s largest electronic device manufacturer - who is contracted by Apple, Microsoft, Nintendo, Sony, Nokia, Amazon, Huawei, Sharp, Cisco, Dell, HP, Intel, Motorola, Sega, Toshiba, Xiaomi, and many more - had a ransomware infection. The hackers targeted the firm’s Mexico-based facility in Ciudad Juárez, which manufactures mobile phones, set-top boxes, and LCD TVs.

The attack occurred on November 29, 2020, but the particular facility’s website remains down, returning an HTTP Status 404 (not found). This indicates that the problem is ongoing, and the electronics giant’s product may have been severely impacted for over a week now.

According to BleepingComputer, it was DoppelPaymer who launched the attack against Foxconn and who demand 1804.0955 BTC in ransom. That’s about $34 million, which is a pretty huge ransom. Sure, Foxconn has a yearly revenue counted in trillions, but the actors have only impacted a small part of the company’s operation.

In Mexico alone, Foxconn operates three facilities, and in China, the company has 12 factories. More production units are found in Brazil, India, Japan, Malaysia, South Korea, the United States, and Europe.

DoppelPaymer claims that they encrypted 1,200 servers and stole 100 GB of unencrypted files from the company. Moreover, they proceeded to delete about 30 TB of data stored in the form of backups.

They eventually encrypted the target segment but left workstations untouched. Foxconn was given three business days to respond before the first data leak is published and 21 days before the systems are rendered permanently non-recoverable.

Although Foxconn hasn’t admitted anything publicly yet, DoppelPaymer has indeed leaked samples of data that is quite generic and doesn’t contain very damaging or sensitive information. Financial details, contracts, and personal details of employees could follow soon, though, as this is how the typical extortion process unfolds.

DoppelPaymer has recently compromised another Chinese electronics maker, ‘Compal,’ demanding a humongous ransom of 1,000 Bitcoins. It is clear that these giants have no margin for abatement on their network security as ransomware actors are storming their barricades all the time, and especially during the weekend. Whether or not Compal has paid the amount or if Foxconn is planning to pay anything to the hackers remains unknown at this time.