DoppelPaymer ransomware operators infected the systems at a Mexican facility of the electronics giant Foxconn over the Thanksgiving weekend.
The plant is located in Ciudad Juárez, Chihuahua, Mexico.
The hackers also claim to have stolen unencrypted files before encrypting the targeted systems.
Foxconn manufactures electronic products for major American, Canadian, Chinese, Finnish, and Japanese companies. The list of products manufactured by the company includes the BlackBerry, iPad, iPhone, iPod, Kindle, Nintendo 3DS, Nokia devices, Xiaomi devices, PlayStation 3, PlayStation 4, Wii U, Xbox 360, Xbox One, and several CPU sockets, including the TR4 CPU socket on some motherboards.
The electronics manufacturing giant has over 800,000 employees worldwide and recorded revenue of $172 billion in 2019.
BleepingComputer first reported the news of the attack; the DoppelPaymer ransomware operators have now published files belonging to Foxconn NA on their leak site.
“The leaked data includes generic business documents and reports but does not contain any financial information or employee’s personal details,” reported BleepingComputer. “Sources in the cybersecurity industry have confirmed that Foxconn suffered an attack around November 29th, 2020, at their Foxconn CTBG MX facility located in Ciudad Juárez, Mexico.”
BleepingComputer obtained a copy of the ransom note. The DoppelPaymer ransomware operators are demanding a 1804.0955 BTC ransom (approximately $34,686,000). The hackers claim to have encrypted about 1,200 servers and stolen 100 GB from Foxconn.
After the ransomware attack, the website of the Mexican facility went down. The attackers claim to have destroyed approximately 20-30 TB of data.
The list of victims of the DoppelPaymer ransomware is long and includes Bretagne Télécom, Compal, the City of Torrance (California), Hall County in Georgia, Newcastle University, and PEMEX (Petróleos Mexicanos).
(SecurityAffairs – hacking, Foxconn)