Foxconn falls victim to ransomware attack! Hackers encrypt 1,200 servers and demand $34 million in Bitcoin ransom.
Foxconn's assembly and transportation plants in Mexico were hit by a ransomware attack. The attackers encrypted 1,200 servers, stole 100 GB of unencrypted files, and demanded a ransom of 1,804 BTC (valued at approximately $34 million) from Foxconn.
Table of Contents
Foxconn Hit by Ransomware Attack
According to the cybersecurity news website Bleeping Computer'sreport, Foxconn, responsible for electronic assembly and transportation in the Mexico region, was attacked by the DoppelPaymer ransomware over the Thanksgiving weekend (11/29). Hackers reportedly stole confidential files from Foxconn's Mexico division and further encrypted its devices and data, rendering them inaccessible. Following the attack, Foxconn's Mexico division's website has been shut down.
Payment of 1,800 Bitcoins as Ransom
Bleeping Computer stated that the attackers yesterday released some documents related to Foxconn's North American operations online. The leaked data includes routine business documents and reports but does not contain any financial information or personal employee data. On the other hand, sources provided Bleeping Computer with a ransom document created on Foxconn servers during the ransomware attack. The attackers in the document threaten Foxconn to pay 1804.0955 BTC as ransom for data recovery (currently valued at around $34,686,000).
Bleeping Computer contacted the DoppelPaymer attackers through a channel, and the organization confirmed that they did indeed attack Foxconn's North American branch on November 29 but did not attack the entire company. DoppelPaymer claims to have encrypted about 1,200 servers, stolen 100 GB of unencrypted files, and deleted 20-30 TB of backups during the attack.
Ransomware Attacks on the Rise
Ransomware and software attacks are on the rise, with IT security company BlackFog recording 28 ransomware attack incidents in November alone, affecting victims such as Mattel Toys, Manchester United Football Club, and Baltimore City Public Schools. Japanese gaming company Capcom also announced on November 4 that its network was breached, with hackers encrypting company data and devices, demanding a ransom of $11 million in Bitcoin to recover 2,000 devices encrypted in the Capcom network.
It is currently unclear whether Foxconn intends to pay the ransom. However, not paying the ransom and recovering data through other means may be more cost-effective. According to astudy by the UK security software company Sophos, on average, the cost for companies to pay ransom is twice as much as recovering data through other means.