AMD is currently investigating a case where a ransomware group that is allegedly holding a ton of its data that was stolen from the chipmaker, for ransom. Specifically, the group is said to be ransoming more than 450Gb of data.
The ransomware and hacker group, which goes by the name RansomHouse, is relatively new to the scene, laid claim to the alleged treasure trove of information. In a press statement, AMD says that it is aware of the claim, and that it was already looking into it. As for when the breach occurred, it seems to have been executed on 5 January this year.
Strangely enough, RansomHouse claims on its site that it doesn’t deploy ransomware, nor does it execute attacks into a company’s servers. Instead, it serves as a go-between for other hackers and their unwilling victims, securing payments for the stolen data. Case in point, AMD and the threat actors that are currently being represented by RansomHouse.
The RansomHouse leak group has claimed today that they have data from chipmaker AMD.
Unverified. There were some rumors earlier this year that AMD was hit by ransomware, but they were never confirmed officially confirmed.
— Catalin Cimpanu (@campuscodi) June 27, 2022
Also, it should be noted that RansomHouse’s verbiage says that it was in possession of 450 “Gb” of date. Unless that’s a typo, that could translate as 450 Gigabits of data, which converted is just 56.25GB.
As for what was stolen, an ex-cybersecurity reporter by the name of Catalin Cimpanu (@campuscodi) attempted to verify what was stolen from the supposed breach. Based on his findings, the stolen data seemed to include “network files, system information, as well as AMD passwords”. What Cimpanu is uncertain of is whether the data was genuine or if it originated directly from an attack on AMD or one of its subcontractors.
To that end, Cimpanu is still yet unable to verify who the threat actors against AMD are.
Ransomhouse, on the other hand, says that it added AMD to its list of companies that have either “considered financial gain to be above the interests of their partners and individuals who have entrusted their data to them or have chosen to conceal the fact that they have been compromised. Simply put: the group is saying that AMD has yet to pay the ransom.
Attacks of tech giants like AMD are both crucial and obviously important to said companies. Some of you may remember back in August of last year, Gigabyte, one of AMD’s board partners, became a victim of the hacker group, RansomExx, when they made off with 112GB of worth of data, all stolen from their servers, and then proceed to ransom it back to the company.
But when Gigabyte refused to pay it, the threat actors released the stolen data on to the internet; turns out, the stolen data actually contained information of AMD’s Zen4 CPU lineup that at the time, was considered to be sensitive and private information.
(Source: Tom’s Hardware)