Delta Electronics hit by Conti ransomware
Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. Delta Electronics operates as a contractor for major tech giants such as Apple, Tesla, HP, and Dell.
According to the company, the security breach did not impact its operation
According to the company, the security breach did not impact its operation, it already notified local authorities.
“It is understood that Delta detected that the server was attacked by foreign hackers around 6:00 am yesterday and immediately activated the information security response and defense mechanism. Perform restore operations. ” states the data breach notification published by the company.
Delta said the main services affected are non-critical systems, which are gradually resuming operations. At present, the assessment does not have a significant impact on the company’s operations and has notified government law enforcement and security units. information to assist in the following operations: and will continue to improve network and security Information infrastructure security control to ensure data security. ”
The company is restoring its systems after the attack and is investigating the intrusion with the help third-party cybersecurity experts.
no details about the attack or the malware
According to CTWANT, which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak.
“On January 26, 2022, the malware intelligence team collected a sample of the Conti ransomware with a hash value of 5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9.” reported a statement from the security company cited by CTWANT. “According to the report, the sample may have been used in an attack on Taiwanese electronics manufacturing company Delta Electronics Inc. The hacker group claimed to have deployed the ransomware around January 21, 2022 and demanded a ransom of $15 million (approximately NT$412 million). Of the 65,000 computers in Delta’s network, about 1,500 servers and about 12,000 computers are encrypted.”
Conti operators run a private Ransomware-as-a-Service (RaaS), the malware appeared in the threat landscape at the end of December 2019 and was distributed through TrickBot infections. Experts speculate the operators are members of a Russia-based cybercrime group known as Wizard Spider.
Since August 2020, the group has launched its leak site to threaten its victim to release the stolen data. Conti operators claimed to have already compromised at least 500 organisations worldwide.
In December 2021, the Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks against multiple Australian organizations from various sectors since November.
The ACSC also published a ransomware profile for the Conti gang that contains information about the operations of the group, including mitigations.
In September, CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) also warned of an increased number of Conti gang attacks against US organizations.
The post Delta Electronics, a tech giants’ contractor, hit by Conti ransomware appeared first on Security Affairs.