Compal, the Taiwanese giant laptop manufacturer hit by ransomware

The Taiwanese electronics manufacture Compal suffered a ransomware attack over the weekend, media blames the DoppelPaymer ransomware gang.

Compal Electronics is a Taiwanese original design manufacturer (ODM), handling the production of notebook computers, monitors, tablets and televisions for a variety of clients around the world, including Apple Inc., Acer, Lenovo, Dell, Toshiba, Hewlett-Packard and Fujitsu. It also licenses brands of its clients. It is the second-largest contract laptop manufacturer in the world behind Quanta Computer.

Compal suffered a ransomware attack over the weekend, a screenshot of the ransom note shared by the employees of the company is circulating online.

Responsible for the breach is believed to be the DoppelPaymer ransomware gang, according to a screenshot of the ransom note shared by Compal employees with Yahoo Taiwan reporters and reported by ZDNet.

ZDNet reviewed the ransom note and confirmed that the ransomware gang behind the attack could be the DoppelPaymer crew.

The cyber attack took place over the weekend and was discovered on Sunday morning, according to local media it might have impacted around 30% of Compal’s computer fleet. In response to the incident, the company network was shut down to avoid the ransomware from spreading

“It is understood that the information security personnel had an emergency meeting in Xu Shengxiong’s chairman’s room early in the morning to discuss solutions, because the IT staff discovered from Sunday that the internal network was abnormal, but it continued to affect it on Monday, and the company’s internal company also posted A letter teaches employees how to deal with abnormal computers.” reported Yahoo Taiwan finance. “According to the Internet PTT, 30% of the computers have been hit. A bunch of employees fell early, the internal network was completely disconnected, and the network was disconnected late.”

On Monday, employees that returned to work received a notice from Compal’s IT staff asking them to check the status of their workstations and back up important files on systems that were not infected with the ransomware.

The company is working to recover the impacted systems using the backups.

Today, Compal Deputy Manager Director Qingxiong Lu disclosed the security breach but explained that the network issues were not caused by a ransomware attack. The executive pointed out that the Compal production lines were not impacted by the cyber attack.

“[the company] is not being blackmailed by hackers as it is rumored by the outside world,” Qingxiong Lu told local media.

The company s expected to fully recover its impacted systems today.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Compal)

[adrotate banner=”5″]

[adrotate banner=”13″]