U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

DoppelPaymer ransomware gang hit Foxconn electronics giant

Electronics contract manufacturer Foxconn is the last victim of the DoppelPaymer ransomware operators that hit a Mexican facility. DoppelPaymer ransomware operators infected the systems at a Mexican facility of Foxconn electronics giant over the Thanksgiving weekend. The plan is located in Ciudad Juárez, Chihuahua, Mexico. The hackers also claim to have stolen unencrypted files before encrypting […]

DoppelPaymer ransomware gang hit Foxconn electronics giant

Electronics contract manufacturer Foxconn is the last victim of the DoppelPaymer ransomware operators that hit a Mexican facility.

DoppelPaymer ransomware operators infected the systems at a Mexican facility of Foxconn electronics giant over the Thanksgiving weekend.

The plan is located in Ciudad Juárez, Chihuahua, Mexico.

The hackers also claim to have stolen unencrypted files before encrypting the targeted systems.

Foxconn manufactures electronic products for major American, Canadian, Chinese, Finnish, and Japanese companies. The list of products manufactured by the company includes the BlackBerry, iPad, iPhone, iPod, Kindle, Nintendo 3DS, Nokia devices, Xiaomi devices, PlayStation 3, PlayStation 4, Wii U, Xbox 360, Xbox One, and several CPU sockets, including the TR4 CPU socket on some motherboards.

The electronics manufacturing giant has over 800,000 employees worldwide, it recorded revenue of $172 billion in 2019.

BleepingComputer first reported the news of the attack, and now the DoppelPaymer ransomware has published files belonging to Foxconn NA on their leak site.

“The leaked data includes generic business documents and reports but does not contain any financial information or employee’s personal details.” reported BleepingComputer. “Sources in the cybersecurity industry have confirmed that Foxconn suffered an attack around November 29th, 2020, at their Foxconn CTBG MX facility located in Ciudad Juárez, Mexico.”

BleepingComputer obtained a copy of the ransom note. DoppelPaymer ransomware operators are demanding a 1804.0955 BTC ransom (approximately $34,686,000). The hackers claim to have encrypted about 1,200 servers and stolen 100 GB from Foxconn.

After the ransomware attack, the website of the Mexican facility went down, and the attackers claimed to have destroyed approximately 20-30TB of data.

The list of victims of the DoppelPaymer ransomware is long and includes Bretagne Télécom. Compal, the City of Torrance (California), Hall County in Georgia, Newcastle University, and PEMEX (Petróleos Mexicanos).

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Foxconn)