A giant from the electronics industry, Foxconn electronics suffered a massive ransomware attack over the Thanksgiving weekend, which saw the attackers steal unencrypted files before encrypting devices.
With a recorded revenue of $172 billion in 2019 and over 800,000 employees worldwide, Foxconn is one of the largest electronics manufacturing companies globally. Its subsidiaries include Sharp Corporation, Innolux, FIH Mobile, and Belkin.
Earlier this week the DoppelPaymer ransomware published the stolen files from Foxconn electronics on their ransomware data leak site. The leaked data does not contain any financial information or employee’s personal details, only included generic business documents and reports.
As confirmed from various sources, the electronics giant suffered an attack close to November 29th, 2020, at their Foxconn CTBG MX facility located in Ciudad Juárez, Mexico.
Since the attack, the facility’s website has been down and shows the below error to its visitors.
The ransom note created on Foxconn servers during the ransomware attack, as can be seen below.
The link to Foxconn’s victim page on DoppelPaymer’s Tor payment site where the threat actors are demanding a 1804.0955 BTC ransom or approximately $34,686,000 at today’s bitcoin prices has been included in the ransomware note.
The ransomware gang themselves confirmed in an interview that they attacked Foxconn’s North America facility on November 29th but did not attack the whole company.
The threat actors claim to have encrypted about 1,200 servers, stole 100 GB of unencrypted files, and deleted 20-30 TB Of backups as a part of this attack.
“We encrypted NA segment, not whole Foxconn, it’s about 1200-1400 servers, and not focused on workstations. They also had about 75TB’s of misc backups, what we were able to – we destroyed (approx 20-30TB),” As told by Doppelpaymer in the Interview.
Foxconn also confirmed the attack and said they are slowly bringing their systems back into service.
The list of other doppelpaymer victims from the past include – Compal, PEMEX (Petróleos Mexicanos), the City of Torrance in California, Newcastle University, Hall County in Georgia, Banijay Group SAS, and Bretagne Télécom.
To read more, please check eScan Blog
