The IIoT chip maker Advantech was hit by the Conti ransomware, the gang is now demanding over $13 million ransom from the company.
The Conti ransomware gang hit infected the systems of industrial automation and Industrial IoT (IIoT) chip maker Advantech and is demanding over $13 million ransom (roughly 750 BTC) to avoid leaking stolen files and to provide a key to restore the encrypted files.
Advantech has 8,000 employees worldwide and has reported a yearly sales revenue of over $1.7 billion in 2019.
The ransomware gang announced on November 21, 2020 the leak of stolen data if the chipmaker would not have paid the ransom within the next day.
As proof of the capability to restore the data, Conti ransomware operators are willing to decrypt two of the encrypted files.
On November 26, the ransomware operators began leaking the data stolen from Advantech, an archive of 3.03GB that accounts for 2% of the total amount of stolen data.
According to Bleeping Computer, the Conti ransomware gang also promised to remove any backdoors from the company’s network after the payment of the ransom. The operators also announced that the stolen data will be permanently removed from its servers and it will provide security tips on how to secure the network to prevent future infections.
Conti ransomware operators implement a private Ransomware-as-a-Service (RaaS), the malware appeared in the threat landscape at the end of December 2019 and was distributed through TrickBot infections.
Since August 2020, the group launched its leak site to threaten its victim to release the stolen data.
(SecurityAffairs – hacking, Advantech)
Share On
Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at “Cyber Defense Magazine”, Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog “Security Affairs” recently named a Top National Security Resource for US. Pierluigi is a member of the “The Hacker News” team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books “The Deep Dark Web” and “Digital Virtual Currency and Bitcoin”.
The IIoT chip maker Advantech was hit by the Conti ransomware, the gang is now demanding over $13 million ransom from the company.
The Conti ransomware gang hit infected the systems of industrial automation and Industrial IoT (IIoT) chip maker Advantech and is demanding over $13 million ransom (roughly 750 BTC) to avoid leaking stolen files and to provide a key to restore the encrypted files.
Advantech has 8,000 employees worldwide and has reported a yearly sales revenue of over $1.7 billion in 2019.
The ransomware gang announced on November 21, 2020 the leak of stolen data if the chipmaker would not have paid the ransom within the next day.
As proof of the capability to restore the data, Conti ransomware operators are willing to decrypt two of the encrypted files.
On November 26, the ransomware operators began leaking the data stolen from Advantech, an archive of 3.03GB that accounts for 2% of the total amount of stolen data.
According to Bleeping Computer, the Conti ransomware gang also promised to remove any backdoors from the company’s network after the payment of the ransom. The operators also announced that the stolen data will be permanently removed from its servers and it will provide security tips on how to secure the network to prevent future infections.
Conti ransomware operators implement a private Ransomware-as-a-Service (RaaS), the malware appeared in the threat landscape at the end of December 2019 and was distributed through TrickBot infections.
Since August 2020, the group launched its leak site to threaten its victim to release the stolen data.
(SecurityAffairs – hacking, Advantech)