The RansomHouse extortion gang claims to have stolen 450 GB of data from the chipmaker giant AMD in 2021 and threatens to leak it or sell it if the company will not pay the ransom.
The company has been added this week to the gang’s dark web leak site:
According to BleepingComputer, a RansomHouse partners has breached the network of AMD a year ago, but the leak site reports January 5th, 2022, as the date of the compromise.
RansomHouse launched its operation in December 2021, unlike other extortion group, the gang doesn’t encrypt data, but focuses on data theft to speed up its activity.
This means that threat actors did not infect AMD systems, but once obtained access to its networks had stolen internal data.
Allegedly stolen data includes corporate research and financial documents, but at this time the only published a few files containing information from an internal network likely collected during a reconnaissance phase.
One of the files, all_computers.csv, contains a list of over 77,000 machinese hosted on the AMD’s internal network. Another leaked file, sample_passwords.txt, includes a list of weak AMD user credentials, such as ‘password’, ‘P@ssw0rd’, and ‘amd!23.’
AMD is currently investigating the alleged security breach.
At the time of this writing the leak site includes the name of five organizations hit by the group:
Stay tuned …
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, RansomHouse)
[adrotate banner=”5″]
[adrotate banner=”13″]
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
This website uses cookies.