A key part of Foxconn has been hit by the Lockbit ransomware

News
By Sead Fadilpašić
published

Foxsemicon has had its websites defaced

Foxconn plant in Ohio
(Image credit: Foxconn)

Foxsemicon Integrated Technology, a subsidiary of tech giant Foxconn, seems to have suffered a ransomware attack.

According to a report on Taipei Times, the company’s Mandarin and English websites were defaced earlier this week, displaying a message posted by the attackers. The message, which was later removed, said: “Your data is stolen and encrypted. If you are a Foxsemicon customer, we have all your personal data.” 

“All your personal data will be freely available on the Internet if Foxsemicon not pays [sic] money.”

Recovering from the attack

The attackers also posted a message for Foxsemicon’s employees: “If your management does not contact us, you will lose your job, as we are able to completely destroy Foxsemicon with no possibility of recovery,” the message allegedly read.

The attackers claim to have stolen 5 terabytes of company data. 

Soon after the attack, Foxsemicon submitted a statement to the Taiwan Stock Exchange, Taipei Times further reported, stating that its websites were recovered and that it engaged security experts to contain the incident. We tried opening Foxsemicon’s English website and it seems to be operational, however opening the site triggered a message from the antivirus program installed on the computer that the site could be risky.

The attack doesn’t seem to have affected Foxsemicon’s operations greatly, the company stressed. It did not share additional details about the attackers. However, the media are saying that it was Lockbit operators who targeted the company. Lockbit was first observed in 2020, operating on a ransomware-as-a-service model. 

Since its emergence four years ago, Lockbit was upgraded to version 3.0, and used by numerous threat actors. It has grown into one of the largest and most infamous ransomware operators in existence. Some of its victims include Managed Care of North America, Boeing, Capital Health, and many others. Lockbit’s operators usually target firms in the U.S., Asia, Europe, and Africa.

TechRadar Pro has contacted Foxconn for comment.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.