IPG Photonics, a leading U.S. developer of fiber lasers, amplifiers, and laser systems has been hit with a ransomware attack that shut down the company’s information technology systems resulting in disruption of email, phones, and network connectivity in the offices. The attack also impacted IPG Photonics’ manufacturing and shipping processes.
According to Bleeping Computer that first reported the news, the attack involved the RansomExx strain of ransomware also known as Ransom X. RansomExx is believed to be a newer version of the Defray777 ransomware. RansomExx activity has spiked in June this year, over the past few months the malware has claimed several victims, including the Texas Department of Transportation (TxDOT) and Konica Minolta.
Like other RansomExx’s campaigns, the ransom note tells victims to not contact law enforcement as ransom payments could be blocked. The message also states that the attackers have stolen data from "TFS repositories and something else."
The RansomExx operators do not have a ransomware data leak site, and there are no known cases of the attackers releasing victim's' stolen data.