The RansomHouse extortion gang claims to have stolen 450 GB of data from the chipmaker giant AMD in 2021 and threatens to leak it or sell it if the company will not pay the ransom.
The company has been added this week to the gang’s dark web leak site:
According to BleepingComputer, a RansomHouse partners has breached the network of AMD a year ago, but the leak site reports January 5th, 2022, as the date of the compromise.
RansomHouse launched its operation in December 2021, unlike other extortion group, the gang doesn’t encrypt data, but focuses on data theft to speed up its activity.
This means that threat actors did not infect AMD systems, but once obtained access to its networks had stolen internal data.
Allegedly stolen data includes corporate research and financial documents, but at this time the only published a few files containing information from an internal network likely collected during a reconnaissance phase.
One of the files, all_computers.csv, contains a list of over 77,000 machinese hosted on the AMD’s internal network. Another leaked file, sample_passwords.txt, includes a list of weak AMD user credentials, such as ‘password’, ‘[email protected]’, and ‘amd!23.’
AMD is currently investigating the alleged security breach.
At the time of this writing the leak site includes the name of five organizations hit by the group:
Stay tuned …
Follow me on Twitter: @securityaffairs and Facebook
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, RansomHouse)