News

DoppelPaymer ransomware attacked Foxconn Mexican division

Bleeping Computer reported that two weeks ago, on Thanksgiving Day, the DoppelPaymer ransomware attacked Foxconn Mexican division. Attackers demand from. the largest electronics manufacturer 34 million dollars ransom.

Recently, DoppelPaymer operators published files belonging to Foxconn NA on their website. This leak includes only business documents and reports, and does not contain any financial information or personal data of employees.

The journalists’ own sources in the information security industry confirm that Foxconn was attacked around November 29, 2020, and the target of the hackers was the Foxconn CTBG MX plant located in Ciudad Juarez, Mexico.

This facility opened in 2005 and is used by Foxconn to assemble and deliver electronic equipment to all regions of South and North America. After the attack, the site of the plant did not work and is still showing visitors an error.

Let me remind you that in the summer DopplePaymer ransomware operators hacked NASA contractor.

Also, Bleeping Computer’s own sources shared with the publication a ransom note that the ransomware left on Foxconn’s servers. As you can see from the text below, the attackers are demanding a ransom from the company in the amount of 1804.0955 BTC, that is, approximately $34,686,000 at the current exchange rate.

In a conversation with reporters, DoppelPaymer operators confirmed that they attacked Foxconn’s North American facility on November 29 and did not attempt to attack the entire company. At the same time, the attackers claim to have encrypted about 1200 servers, stole 100 GB of unencrypted files, and deleted 20-30 TB of backups.

“We encrypted NA, not the entire Foxconn, which is roughly 1200-1400 servers, plus we weren’t targeting workstations. They also had about 75 TB of different backups, which we were able to destroy about 20-30 TB”, the DoppelPayment operators say.

Foxconn representatives confirmed to the publication that the attack took place and said that specialists are now gradually returning the affected systems to work.

“We are conducting an investigation of the incident together with technical experts and law enforcement agencies to determine all the consequences of this offense and identify the perpetrators in order to bring them to justice”, — the company says.

Let me also remind you that DoppelPaymer operators published in the public domain Boeing, Lockheed Martin, SpaceX and Tesla documents.

Foxconn is the world’s largest electronics manufacturer, with revenue of $172,000,000,000 in 2019 and more than 800,000 employees worldwide. Foxconn subsidiaries include Sharp Corporation, Innolux, FIH Mobile and Belkin.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Kurlibat.xyz pop-up ads (Virus Removal Guide)

Kurlibat.xyz is a site that tries to trick you into clik to its browser notifications…

14 hours ago

Remove Initiateintenselyrenewedthe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyrenewedthe-file.top is a domain that tries to trick you into clik to its browser notifications…

15 hours ago

Remove Wotigorn.xyz pop-up ads (Virus Removal Guide)

Wotigorn.xyz is a site that tries to force you into subscribing to its browser notifications…

15 hours ago

Remove Initiateintenselyprogressivethe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyprogressivethe-file.top is a domain that tries to force you into clik to its browser notifications…

15 hours ago

Remove Nuesobatoxylors.co.in pop-up ads (Virus Removal Guide)

Nuesobatoxylors.co.in is a domain that tries to trick you into subscribing to its browser notifications…

18 hours ago

Remove Helistym.xyz pop-up ads (Virus Removal Guide)

Helistym.xyz is a site that tries to force you into clik to its browser notifications…

19 hours ago