430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia 

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. It […]

Nexperia

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company.

The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data.

Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. It is a subsidiary of the partially state-owned Chinese company Wingtech Technology. It has front-end factories in Hamburg, Germany, and Greater Manchester, England. The company’s product range includes bipolar transistors, diodes, ESD protection, TVS diodes, MOSFETs, and logic devices.

The chipmaker has 14,000 employees as of 2024.

The Dark Angels ransomware group added Nexperia to the list of victims on its Tor leak site. According to the announcement, the stolen data includes:

- 285 Gb of quality control data
- 24 Gb - 896 client folders, many famous brands like SpaceX, IBM, Apple, Huawei, etc.
- 139 Gb project data, very detailed and highly confidential: NDA, internal documents, trade secrets, design, specifications, manufacturing
- 49 Gb industrial production data and instructions
- Assessment of the product's competitiveness in comparison with competitors
- 45 Gb engineers' experience and studies
- 20 Gb product management
- 201 Gb semiconductor manufacturing technologies
- 70 Gb semiconductor commercial marketing data
- 26 Gb pricing, analysis, price books
- 20 Gb HR department, employee data, personal data, passports, contracts, diplomas, salaries, insurance.
- 18 Gb .dwg - 38295 pcs - drawings and schematics of chips, microchips, transistors, etc. All data is confidential, contains trade secrets.
- 30 Gb user data
- production line settings
- repository with equipment configures
- 26 Gb machine operation logs
- 1.2 Gb AWACS software
- 13 Gb .esm files
- 1.9 Gb .job files
- 3 Gb .svn-base
- 101 Gb - .pst files
- 1.5 Gb - NDA

The group published a set of files as proof of the security breach and threatens leak all the stolen data if the victim will not pay the ransom. 

The chipmaker confirmed it became aware of the unauthorized access to certain Nexperia IT servers in March 2024.

In response to the incident, the company disconnected the affected systems from the internet to prevent the threat from spreading. The Nexperia launched an investigation into the security breach with the help of third-party cybersecurity experts.

“we have reported the incident to the competent Authorities, including the ‘Autoriteit Persoonsgegevens’ and the police, and are keeping them informed of the progress of our investigation.” reads the press statement published by the company. “Together with our external cybersecurity expert FoxIT, Nexperia continues to investigate the full extent and impact of the matter and we are closely monitoring the developments. In the interest of the ongoing investigation, we cannot disclose further details at this point.”

In September 2023, the Dark Angels ransomware group hacked Johnson Controls and demanded a $51 million ransom.

(SecurityAffairs – hacking, Nexperia )

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini