One of the world’s biggest tech giants, Asus, faces a serious cybersecurity threat. The notorious Everest ransomware gang claims to have hacked Asus.
They are threatening to leak a terabyte of the company’s data. A countdown clock on their dark web site is ticking down.
The Asus data breach claim
Multinational electronics giant Asus has appeared on a dark web forum run by the infamous Everest Ransomware group. They claim they got hold of one terabyte of the company’s data.
They specifically mention obtaining “camera source code.” This could refer to firmware or software code. If hackers get their hands on such information, chances of them finding security loopholes through it is high.
Without Everest providing evidence of the stolen data there is currently no way to confirm Everest’s allegations. So far, Asus has made no official comment on this subject.
Everest uses a common pressure tactic. They posted a countdown timer on their leak site. It marks the time until they supposedly release the stolen information.
This forces the victim to negotiate under a deadline. The goal is to secure a ransom payment quickly.
The potential impact and a dangerous threat actor
Source code theft is a serious concern for a hardware company.
In theory, this could allow skilled hackers to create custom malware. That malware could then target specific parts of Asus products. However, these are still just claims for now.
Everest Ransomware is a major and active cybercriminal group. They often follow through on their threats. Just last month, they targeted US loan giant Money Mart and Brazilian petroleum leader Petrobras.
Monitoring tools show their alarming scale. Since 2023, Everest has listed over 250 victims and claimed more than 100 victims in the past year alone. This relentless pace isn’t an outlier; it’s part of a brutal new normal in cybercrime. For a deeper look at the trends driving this surge, check out our breakdown of the latest ransomware statistics you must know.
Asus is the fifth-largest PC vendor in the world – the company reported revenue over $17 billion last year. A confirmed breach of this size would be a significant event.
The cybersecurity world is now watching the countdown clock. Everyone is waiting to see if Everest makes good on its threat.
Part of a troubling global pattern
The Asus threat fits a clear and alarming global pattern. This past month saw several major cyberattacks all over the world.
This pattern shows no organization is safe. Sensitive data was exposed at prominent institutions like The Washington Post and Harvard University. The Clop ransomware gang was especially busy, exploiting software flaws to hit many targets.
Real-estate finance giant SitusAMC was breached, exposing client data linked to major banks. Even Coupang, the biggest e-commerce company in South Korea, got hit—a breach exposed 33.7 million customer accounts.
Ransomware didn’t stop there. It knocked out essential public services, too. Some London councils got hit by an attack and went offline, leaving over 500,000 folks without important stuff. And get this, in the US, hackers messed with the CodeRED emergency alert system, meaning communities couldn’t send out safety alerts!
The Everest group’s tactics against Asus reflect key modern threats. They focus on data theft for extortion, not just locking systems. This “silent” data stealing is now more common and damaging.
Their attack also highlights pervasive third-party risk. Many November breaches, like those at Logitech and Cox Enterprises, started in vendor software. No company’s defenses end at its own network anymore.
Asus is in a tight spot as the countdown continues, and the big takeaway is that every company is at risk now. Cyber threats are nastier, more connected, and cause bigger problems than ever before.
