GIGABYTE fell victim to ransomware again

Three months after being hit by ransomEXX ransomware gang, a Taiwanese computer hardware manufacturer GIGABYTE fell victim to AvosLocker ransomware.

AvosLocker ransomware gang that began its operations in June has announced GIGABYTE on their victim list. This is the second time in three months that the Taiwanese company has suffered a ransomware attack.


The threat actor has leaked some exfiltrated documents as proof and threatened to release all the data. Leaked files contain internal company information, such as corporate agreements and non-disclosure agreements.

“If they refuse to negotiate, we will leak all the data we’ve got,” the infiltrator claimed.

AvosLocker is a relatively new ransomware gang, first observed in late June 2021, when it started looking for new affiliates on various forums. Its operations are based on the ransomware-as-a-service (RaaS) model, and it allegedly accepts only Monero (#XMR) payments.

In August, GIGABYTE was hit by the ransomEXX ransomware gang. It claimed to have stolen 112 GB of data and threatened to release it if the company didn’t pay the ransom.

CyberNews Research Team discovered that a 7 GB archive of confidential data that purportedly belongs to GIGABYTE had been leaked on a hacker forum following a recent attack by the ransomEXX ransomware gang.

The archive was initially posted on ransomEXX’s public website, presumably after GIGABYTE refused to pay the ransom demanded by the attackers on August 12. The stolen data contained GIGABYTE internal company information as well as Intel and AMD proprietary data, including the source code for the Intel Manageability Commander and numerous confidential documents related to AMD.

Next steps

For organizations that wish to avoid becoming victims of ransomware groups, here are a few basic precautions to have in mind:

1. Establish an intelligent threat detection system or a security incident event management system. In the event of a breach by malicious actors, such systems will alert your IT personnel about the incident in real-time and help them prevent data exfiltration from company servers.

2. Use a secure encryption algorithm to encrypt your confidential data. When encrypted, your company data would be all but useless to attackers. The data would be scrambled by the algorithm, which would render it unreadable for unauthorized parties without a decryption key.

To see if any of your online accounts were exposed in previous security breaches, use our personal data leak checker with a library of 15+ billion breached records.

More from CyberNews:

Should former spies work on privacy products?
Attackers target the cloud. We just don't care to notice - interview
The reason why support scams have proliferated: they workGood luck, everyone - REvil hacker after group's Tor site gets taken overTrusting the cloud after OMIGOD and Azurescape - interviewSilence can cause millions in downtime costsSubscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked