Retailers, hospitals, and financial institutions tend to be the targets of choice for the hackers of the world. Of course they’re not the only targets. The simple truth is that any company can find itself in the cross hairs of a hacker.
The most recent victim is Taiwanese motherboard manufacturer Gigabyte. In addition to shutting down manufacturing operations in Taiwan, the attack also took down a number of the company’s web-based systems. They include its online support and the Taiwanese website itself.
The investigation into the matter is ongoing. The early indications are that the company fell victim to the RansomEXX strain of ransomware. In addition to locking files on a number of Gigabyte’s network devices, the hackers made off with some 112 GB of data. The hackers have published portions of this data on their own website on the Dark Web as proof that they were indeed behind the attack.
The RansomEXX strain has an interesting history. It began life in 2018 as a strain called Defray. For the first couple of years of its life, it gained little traction among the hackers of the world. It wasn’t used in many high-profile attacks.
It seemed to go dormant and re-emerged in 2020 as RansomEXX with a raft of new capabilities. It is not clear whether it was abandoned and picked up by a new hacker group or the original Defray authors used their initial experiments to refine the code. In its current form, RansomEXX is a dangerous threat indeed and is capable of infecting both Windows- and Linux-based systems.
The group controlling the malware has used it to attack a number of high-profile targets in recent weeks, including:
- The Texas state Department of Transportation
- The Brazilian Government
- IPG Photonics

And more. Be on your guard against this one. You definitely don’t want to be the hackers’ next victims.