Chip Maker ADATA Attacked by Ragnar Locker Ransomware Group


ADATA, a Taiwan-based leading memory and storage manufacturer, was forced to take its systems offline after a ransomware attack crippled its network in late May. 

ADATA is known for manufacturing superior DRAM memory modules, NAND nonvolatile storage cards, mobile accessories, gaming products, diversion products, wattage trains, and industrial solutions.

ADATA admitted in an email to Bleeping Computer that it was hit by a ransomware attack on May 23, 2021, and responded by shutting down the impacted systems and notifying all relevant international authorities of the ransomware attack. However, the firm claims that its business operations are no longer disrupted and that it is busy restoring the affected devices. 

ADATA didn’t offer info on the ransomware operation behind the incident or any ransom demands. However, Bleeping Computer says that the Ragnar Locker ransomware gang has already taken the responsibility for the ADATA attack. In fact, Ragnar Locker says that they have allegedly taken one 1.5TB of sensitive information from ADATA’s computers before deploying the ransomware. 

So far, the ransomware gang has posted screenshots of the stolen files in order to prove their claims. However, they’re threatening to leak the rest of the data if the memory manufacturer does not pay the ransom. Chip manufacturers have become a lucrative target for ransomware operators, who can use the threat of downtime, which can prove to be a lot more costly in these turbulent times than the ransom, as another bargaining chip.

Security researchers discovered the Ragnar Locker ransomware in late December 2019. The gang operates by targeting enterprise endpoints and terminating remote management computer code (such as ConnectWise and Kaseya) installed by managed service suppliers (MSPs) to manage clients’ systems remotely.

In November 2020, the FBI said that Ragnar Locker Ransomware targeted "cloud service providers, communication, construction, travel, and enterprise software companies." The attack on ADATA is significant also because of its timing, as it comes in the midst of the ongoing chip shortage. With manufacturers struggling to keep pace with the demands, any downtime could further delay the industry's recovery. 

ADATA stated to BleepingComputer that it is "determined to devote ourselves making the system protected than ever, and yes, this will be our endless practice while the company is moving forward to its future growth and achievements."

Comments are closed.