Foxconn Ransomware Attackers Demanded $35 Million Payment In Bitcoin (BTC) to Decrypt Files
- Taiwanese electronic multinational company, Foxconn, is reportedly facing a ransomware attack.
- The hackers are asking for 1,804 Bitcoin payment, approximately $35 million.
According to reports from BleepingComputer, Foxconn, one of the largest electronic companies in the world, was faced with a ransomware attack by a popular hacking group, DopperPaymer. The report confirms the hack was first noticed on November 29th when the hackers gave the company 3 days to make a ransom payment to an unknown wallet address.
While the report stated that Foxxconn was negotiating with the hackers, DoppelPaymer released many documents, including generic business documents and reports, on Monday. No private information on employees or financial reports was published on the ransomware data leak site.
The attack is said to have happened at Foxconn CTBG MX facility located in Ciudad Juárez, Mexico, which controls America's regional business. The hackers have since encrypted the data and asked the company to pay 1,804.095 BTC, roughly $35 million at current market prices, to decrypt the company’s information.
Foxconn’s North America website has since been down with an error on the visitors’ page.
The hackers sent out a note on the ransom to be paid, directly on Foxconn’s servers –notifying them of the attack and how to make payment to their wallets. The note reads,
“Your account has been hacked. Your files, backups and shadow copies are unavailable until you pay for decryption tool. […] If no contact is made within 3 business days after the infection first portion of data will be shared to the public.”
The hackers further attached a Tor browser address that the company should use to complete the $35 million ransom.
According to BleepComputer’s statement, DoppelPaymer also carried out a series of attacks on over 1200-1400 servers, encrypted the North American regional data (not the whole company), and also were able to obtain about 75 TB of data backups – destroying approximately 20-30 TB of the data.
At this time, Foxconn confirmed with BleepingConmputer that the attack did happen, but they are slowly able to bring their systems back online.
Over the past year, ransomware attacks have increased substantially; the hackers prefer crypto payments such as masked BTC and Monero, a privacy coin, to fiat options. In September, BEG reported the Argentinian immigration office's ransomware attack whereby the hackers asked for $4 million in BTC. More recently, Enel Group faced a second ransomware attack with a 1234 BTC payment set by the hackers.
(Update: According to a Reuters report, Foxconn North American site's connection is back up running. The electronics firm further confirmed that the ransomware attack did not heavily disturb the company’s operations.)