Conti Gang Hits IoT Chipmaker Advantech with $14M Ransom Demand

2020-11-30 21:19

Advantech, the chip manufacturer, has confirmed that it received a ransom note from a Conti ransomware operation on Nov. 26 demanding 750 Bitcoin, which translates into about $14 million, to decrypt compromised files and delete the data they stole.

Professionalized ransomware groups including Conti, Ragnar Locker, Maze, Clop and others have been exploiting security holes created by the emergency shift to remote work due to the pandemic, coupled with well-publicized leak sites to wreak havoc and wring millions out of unsuspecting companies like Advantech.

"In August 2020, the Conti ransomware group created a data leak website, called Conti.News, following the trend of other highly successful ransomware variants, such as Maze, Sodinokibi and NetWalker," Digital Shadows threat researcher Kacey Clark told Threatpost.

"Ryuk version 2 code and Conti ransomware code maintain notable similarities, the Conti ransom note uses the same template utilized in early Ryuk ransomware attacks and Conti ransomware operators appear to leverage the same TrickBot infrastructure used in Ryuk ransomware attacks," she said.

Kaspersky researchers released a report Monday that said ransomware will be one of cybersecurity's biggest threats in the year ahead, and pointed specifically to leak sites as the single biggest factor driving up ransom prices.

News URL

https://threatpost.com/conti-iot-chip-advantech-ransom-demand/161691/

#advantech #chipmaker #IOT #ransom

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Advantech		48	5	138	94	52	289