Conti Ransomware Attack on Advantech Industrial Computers


Taiwan-based Advantech Co LTD, which deals in industrial computers, has reportedly been hit by a ransomware attack, and sources say that those spreading Conti ransomware are suspected to be behind the incident.

According to sources, the hackers are demanding a ransom of over 750 bitcoins, or $13.8 million, in exchange for the decryption key. If the ransom is denied, they are threatening to leak over 2% (3.65GB) of the overall stolen data to the dark web.

Advantech is known to supply industrial computers, including servers, Internet of Things devices and healthcare solutions, to firms managing critical infrastructure.

According to what is known to Cybersecurity Insiders, the Conti ransomware attack (unconfirmed) took place on November 19, 2020, and the IT team was quick enough to contain the spread of the malware. However, sources say that the threat actors stole data from the servers and encrypted some databases.

As the IT staff of Advantech failed to pay the ransom, the threat actors leaked a portion of the data to the dark web on Nov 27th, 2020.

Advantech has confirmed that it will not bow to the hackers' demands and will approach law enforcement for a solution to the data leak.

Conti ransomware is a kind of file-encrypting malware that first steals data and then encrypts a database until a ransom is paid in millions. Sometimes, businesses might not only lose the trust of clients but may also have to shut down permanently because of monetary loss.

Security firms have been detecting the malware since July this year, and some say that it is a successor to RYUK Ransomware and is being distributed on a pay-per-use basis by hacking gangs.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
