GIGABYTE Admits Falling Victim to a Ransomware Attack

  • GIGABYTE has admitted a cybersecurity incident has disrupted its website uptime for a while.
  • The ransomware group ‘RansomEXX’ has taken responsibility and leaked some sample documents.
  • The hardware maker stated that the attack was thwarted immediately and that no adverse effects are to be expected.

GIGABYTE, the Taiwanese motherboards and graphics card manufacturer that is among the leaders of computer hardware vendors globally, has confirmed a ransomware attack on its systems but clarified that the incident doesn’t affect its sales, services, or production operations.

The statement that was shared with local media outlets describes a rapid defensive response to the attacks and an equally speedy restoration of the affected systems, which were allegedly limited in numbers. Indeed, for a brief period on Tuesday and Wednesday, some of the company’s websites went offline.

Although the firm hasn’t named the actors responsible for this, Bleeping Computer reports that the dark web portal of the ‘RansomEXX’ ransomware gang has posted a relevant listing, threatening to publish 112 GB of data they stole from GIGABYTE unless their ransom demands are met.

According to the same source, the sample leaked as proof of the data breach includes non-disclosure agreements, an AMD revision guide, an American Megatrends debug document, and an Intel “Potential Issues” document.

Source: Bleeping Computer

We cannot possibly confirm the authenticity of this data and whether or not they were really stolen from GIGABYTE’s compromised servers. Still, if the actors leaked the least damaging files, for starters, it doesn’t look good for the Taiwanese company. Also, the notice is pretty aggressive, warning the victim that they only got one chance to resolve this or the ransom amount will be doubled.

‘RansomEXX’ isn’t the most active ransomware gang out there, yet they are keen on targeting big entities that could potentially yield significant amounts in ransom payments. Back in December 2020, the group launched a successful attack against Embraer, the largest aerospace and aeronautical company in Brazil.

As for Taiwanese tech firms and their lucrativity as targets of ransomware groups, they are very high on the list of candidates for a number of reasons. In summary, they are economically strong companies that can’t afford to have disruptions in their production at the moment, so they are more likely to pay the demanded ransom without much negotiation. This is why we recently saw ‘Ragnar Locker’ attacking ADATA, ‘REvil’ delivering a blow to Acer, and ‘DoppelPaymer’ targeting Compal Electronics.

REVIEW OVERVIEW

Latest

Why Is Demon Slayer So Popular?

In August 2019, the world suddenly started talking about an anime series that had just released its nineteenth episode. Fast forward to...

F1 Live Stream 2022: How to Watch Formula 1 Without Cable

There's not much time until the 2022 Formula 1 World Championship gets underway - the first race is scheduled for late March,...

Disney+ Announces Basketball Series Inspired By Award-Winning Book The Crossover

Disney Plus announced a new basketball-themed drama series that is set to land on the streaming platform, drawing inspiration from the critically...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari