LockBit hits Taiwanese semiconductor firm Foxsemicon


Foxsemicon, one of Taiwan’s biggest semiconductor manufacturers, has been hit with a cyberattack. The notorious LockBit ransomware gang claims to be behind it.

On the evening of Wednesday, January 17th, Foxsemicon’s website appeared to have been hijacked by the ransomware group LockBit. It displayed a message threatening to release the personal data of the firm’s customers and employees.

“Your data is stolen and encrypted,” a message at the top of the website stated, adding that it held five terabytes of the company’s information and would publish it online if a ransom was not paid.

ADVERTISEMENT

“If you are a Foxsemicon customer, we have all your personal data. All your personal data will be freely available on the internet if Foxsemicon not pays money,” the message added in broken English.

fox-website-lockbit
A message from LockBit that appeared on Foxsemicon's website. Image by Cybernews.

The tactic that LockBit used in the attack on Foxsemicon is not actually typical for the gang. They usually post the names of the victims on their extortion website rather than deface the company’s web page.

Foxsemicon soon said that the website had been recovered. The firm was allegedly working with security experts to clarify the situation and was hoping that the incident would not significantly affect its operations.

However, the company’s English-language website remained inaccessible on Thursday, while portions of its Mandarin-language page also appeared to be unavailable.

Foxsemicon has not disclosed any information about the ransom demanded by the threat actor. Nor would the company confirm whether any personal information of its customers or employees was leaked.

The number of cyberattacks on Taiwan has jumped up sharply in recent days as the country has just held a presidential election. Lai Ching-te, a pro-democracy candidate disliked by China, won the vote.

Unsurprisingly, experts believe that Chinese hackers are probably responsible for most attacks. Google Cloud recently said that distributed denial-of-service (DDoS) attacks targeting Taiwan experienced a 3,370 percent growth compared to the previous year.

ADVERTISEMENT

Ben Forster, senior director of product at AttackIQ, a cybersecurity firm, pointed out: “Last month, Taiwanese government officials called on the US Treasury Department for support due to heightened security vulnerability.

In this particular case, it’s doubtful that there was a political motivation for the attack. Yes, LockBit was discovered in 2020 when its eponymous malicious software was found on Russian-language cybercrime forums, leading some security analysts to believe the gang is based in Russia – a country that China has moved closer to in recent times.

But the gang appears to be purely financially motivated and has not professed support for any government – nor has any government formally attributed it to a nation-state.