Hackers Threaten To Leak Sensitive Intel, AMD Files In Gigabyte Ransomware Attack

Gigabyte Technology, a Taiwanese computer hardware company, has been the target of a ransomware attack by the hacker group RansomEXX, which has threatened to release more than 100 GB of material taken from the company, including confidential Intel and AMD documents, if it does not pay the ransom.

Multiple attacks on the Taiwan-based company’s help sites apparently occurred last week, resulting in the company’s official site’s temporary inaccessibility and the unavailability of its support sites. The event led the company to shut down its Taiwanese systems, as well as parts of its official and support websites.

Gigabyte confirmed the ransomware attack via the Chinese news site United Daily News on Friday. However, the company claims that just a small percentage of its systems were affected. The problem has already been reported to local authorities.

The IT firm revealed only a few details regarding the malicious effort. At this time, it is unclear whether Gigabyte will take the hacker group’s request into account. It’s also unclear what the gang wants in return for the stolen information.

The hacking gang RansomEXX is said to be behind the attack, according to Bleeping Computer, a tech news and support site. On its non-public page, the site received a link from an unknown source. The aforementioned link, according to reports, links to a page stating that the ransom organization has 112 GB of data from Gigabyte, as well as various non-disclosure agreements.

Four screenshots containing confidential information were also obtained by the tech site, including an American Megatrends debug document, an AMD revision guide, an Ice Lake D SKU stack update plan, and an Intel “possible issues” document.

RansomEXX, formerly known as Defray, is a well-known ransomware gang. The majority of the time, hostile actors get access to secured networks by combining stolen network credentials with Remote Desktop Protocol vulnerabilities.

During the last two months, the ransomware group has been highly active. It recently conducted a cyberattack against Italy’s Lazio area and Ecuador’s Corporacion Nacional de Telecomunicacion.

Konica Minolta, IPG Photonics, Tyler Technologies, the Texas Department of Transportation, and Brazil’s government networks are among the corporations and organizations targeted by RansomEXX.