[German]Taiwan-based motherboard manufacturer GIGABYTE has fallen victim to a ransomware attack by the RansomEXX group. The RansomEXX gang is now threatening to make captured files in the amount of 112 GBytes public unless a ransom is paid.
Gigabyte Technology is a Taiwanese computer hardware manufacturer, best known for its motherboards and graphics cards. This company has become a victim of a successful ransomware attack. The attack is reported by both Bleeping Computer and The Record (see the following tweet).
According to this article from The Record, Gigabyte's production should not be affected. Only some internal servers at the Taiwanese headquarters are believed to have been affected and have since been shut down or isolated. Currently, Gigabyte is investigating how the hackers penetrated its systems, stole files and encrypted local copies. Local law enforcement agencies have also been notified.
The vendor did not reveal any information about the details of the ransomware attack. However, The Record was able to view captured documents on the Darknet from the RansomEXX gang, which claims the attack. It states:
We have downloaded 112 GB (120,971,743,713 bytes) of your files and we are ready to PUBLISH it.
Many of them are under NDA (Intel, AMD, American Megatrends).
Leak sources: [redacted]gigabyte.intra, git.[redacted].tw and some others.Message on RansomExx extortion page
The attack was confirmed by Gigabyte, according to this Chinese website. The attack occurred during the night from Tuesday to Wednesday and forced the company to shut down several systems in Taiwan. This also affects several of the company's websites, including the support site and parts of the Taiwanese website. More details about RansomExx etc. can be read at Bleeping Computer.