Acer and Apple aren’t the only big PC brands reeling from ransomware attacks in recent times. Bleeping Computer and United Daily News report that Taiwan-based Gigabyte suffered a ransomware attack between August 3rd and August 4th. The company only confirmed that it shut down IT infrastructure and that a handful of servers were affected, but there are hints the attack might have been worse.
According to Bleeping Computer sources, the extortion gang RansomEXX claimed to have stolen 112GB of sensitive internal data as well as info from a code repository. This includes Intel and AMD chip information as well as a debug document. The breach is known to have affected both the Gigabyte support page and parts of the Taiwanese page.
Gigabyte said it contact law enforcement, but didn’t say if it would pay the ransom.
RansomEXX started in 2018 under the Defray name, but rebranded in 2020 and has been targeting increasingly higher-profile organizations, including the Brazilian government, Texas’ Department of Transportation and Ecuador’s state-led telecom. It’s not believed to be associated with the REvil group that attacked Acer as well as Apple supplier Quanta.
It’s not surprising that PC companies would face these attacks. They not only have the money to pay ransoms, but a raft of technological secrets they’re eager to protect. However, the string of attacks is still concerning. Apart from the short-term financial hit, there’s also a concern these attacks could leak trade secrets that do long-term damage.