ADATA ランサムウェア攻撃-データがオンラインで流出
June 9, 2021
食品大手JBS Foodsがサイバー攻撃を受けて生産を停止
June 9, 2021

ADATA Ransomware attack – Data leaked online

ADATA which is one of the major memory storage manufacturers in Taiwan, suffered from a Ransomware attack late May. The attackers initially claimed to have stolen around 1.5TB of sensitive data.

ADATA is known to manufacture  DRAM modules, flash drives, hard disk drives, solid state drives, memory cards etc. 

In 2017 it ranked second when it comes to manufacturing of DRAM modules

After the attack confirmation, ADATA shut down all the affected systems and also ordered the internal organizations to investigate on the matter

It is believed that there has been no problem due the ransomware as ADATA business is not impacted as all the affected devices have already been restored.

700 GB of data leak – some posted online

It is believed that the download links of more than 700GB of data stolen from ADATA was posted online.

Ragnar Locker allegedly stole 1.5 TB of sensitive data from ADATA’s network before deploying the ransomware payload.

ADATA restore their affected systems without paying any ransom to the attackers leading to the attackers posting the data online. The gang has also threatened ADATA for posting the rest bits in case the ransom is not paid.

Attackers demanded more than 1500 bitcoins

The attackers have demanded more than 1500 bitcoins as a ransom from ADATA. ADATA has refused to pay the ransom and itself restored and recovered all the files.

It is also believed that the hackers offered help to the company in order to patch up their vulnerabilities and restore the data but the company denied and hence the samples were leaked leading to a perfect example of double extortion ransomware attacks.

Seeing the ever growing trend of Ragnar locker ransomware activity, below are some of the warnings issued by FBI:

  • Having more secure backups that do not have any kind of connectivity to the network
  • having all antiviruses up to date in order to detect the recent malware signatures
  • Using Multi factor authentication wherever possible
  • The endpoints, website should be up to date with the recent patches and plugins

Leave a Reply

Your email address will not be published. Required fields are marked *