The hackers who broke into Gigabyte’s computer systems more than a week ago have made some of the stolen data public. A dataset of 7 GB was put online by the attackers on a hacker forum on the dark web. The dataset included confidential information about AMD and Intel.
About two weeks ago, Gigabyte was the target of a ransomware attack . A spokesperson confirmed that a small number of servers had been affected. This forced the Taiwanese technology company to take a number of systems offline. Several websites were temporarily unavailable as a result, including the customer service and department that handles returned products.
The attackers are rumoured to have stolen 112 GB of confidential data. These would include confidential agreements between business partners, including AMD, Megatrends and Intel. The hackers threatened to make this data public unless Gigabyte paid an undisclosed ransom. “The files are ready to be published,” the perpetrators threatened.
Soon after the ransomware attack took place, the name RansomEXX surfaced. Members of this hacker group are said to be responsible for the attack. Gigabyte has never officially confirmed this. After today, we know that they are indeed behind the ransomware attack.
CyberNews was the first to see a message on the hackers’ website, which is accessible to everyone. After that, the announcement was moved to a hacker forum on the dark web . Anyone who has access to the forum can download a 7 GB dataset for free. This set consists of two parts. The first part is about the American technology company AMD, the second part concerns chip manufacturer Intel.
According to the person who posted the message on the hacker forum, the data includes confidential documents from AMD, details about the upcoming SP5 socket and Genoa server processors with Zen 4 cores, and the source code of Intel’s Manageability Commander software. There is also reportedly company information about Gigabyte itself in the archive. According to CyberNews, the dataset does not contain any personal data or other privacy-sensitive information such as payment details.
RansomEXX most likely put the dataset online because Gigabyte refused to pay the ransom. By making some of the stolen information public, the perpetrators want to increase the pressure on the Taiwanese tech company. These evil intentions are apparent from the excerpt of the forum post below.
“It’s over and over with the fun.
When your files are published.
Prepare your lawyers, or contact us before that happens.”
Whether Gigabyte will pay ransom to RansomEXX after this publication is unknown. The hackers threaten to make more data public if the tech company does not comply with its demands.
Catch up on more articles here
Follow us on Twitter here