30 November 2020

Chip maker Advantech hit by a Conti ransomware attack


Chip maker Advantech hit by a Conti ransomware attack

Hackers behind the Conti ransomware operation infected systems of industrial automation and Industrial IoT (IIoT) chip manufacturer Advantech and are now demanding a 750 BTC (approx. $14M) ransom for a decryptor to restore encrypted systems and to stop stolen data leakage.

According to a chat log and a ransomware note seen by Bleeping Computer, on November 26 the Conti gang posted on their leak site a 3.03GB archive (2% of the stolen Advantech's data) and a text file containing a list of files included in the ZIP archive. The Conti operators also said that if the ransom is paid they will remove any backdoors deployed on the company's network and delete the stolen data.

The Conti ransomware was first spotted in the wild in December 2019, and has become increasingly common in recent months, targeting corporate and government networks. The malware spreads through networks laterally using a range of techniques, such as the Windows Restart Manager to ensure that all files can be encrypted.

In August this year, the group launched their own leak site, where they publish data stolen from victims, following the steps of other ransomware groups who operate such sites, including CLOP, Darkside, DoppelPaymer, Maze, Mespinoza (Pysa), Nefilim, NetWalker, RagnarLocker, REvil (Sodinokibi), and Sekhmet.

Back to the list

Latest Posts

Twitch downplays extent of the recent breach, says only small number of customers affected

Twitch downplays extent of the recent breach, says only small number of customers affected

Twitch said that no login credentials or full credit card info data belonging to users or streamers were exposed in the data breach.
18 October 2021
REvil goes off the radar after group’s Tor sites were hijacked

REvil goes off the radar after group’s Tor sites were hijacked

At present, it is unknown who compromised the gang servers.
18 October 2021
US security agencies say ransomware hackers targeted 3 different US water facilities in 2021

US security agencies say ransomware hackers targeted 3 different US water facilities in 2021

Over the past few months, hackers have targeted wastewater plants in California, Maine and Nevada with ransomware attacks.
18 October 2021