Taiwanese electronics leader Foxconn becomes a victim of ransomware; attackers demand $34 million

Tiziana Piatos Last updated: December 8, 2020
Foxconn ransomware DoppelPaymer
  • Foxconn, the largest global electronics manufacturer, comes across a massive ransomware attack on the Mexican facilities.
  • At first, the company kept the cyberattack hidden, but the initial stolen data has now been revealed.
  • The attackers’ group named ‘DoppelPaymer’ are demanding a ransom of approximately $34 million in Bitcoins.

Foxconn is one of the largest electronics manufacturers globally. The company has contracts with tech giants like Apple, Microsoft, Sony, Amazon, Nintendo, Huawei, Nokia, Cisco, Intel, Dell, HP, and many more.

The multinational electronics deity has recently gone through a colossal ransomware attack at its North American Foxconn CTBG MX facility located in Ciudad Juárez, Mexico. Reportedly, the attackers had stolen some unencrypted files before breaching the devices.

Foxconn CTBG MX facility manufactures mobile phones, LCD TVs, and set-up boxes.

The attack was carried out by a ransomware group named DoppelPaymer, and they have acknowledge their action.

When did this happen?

News website Bleeping Computer reported the attack was recorded on Nov. 29, 2020, and since then, the NA facility’s website is down. If you check out the website https://fii-na.com.mx/, it will return you with an HTTP Status 404 (not found). The problem goes on, and the electronics giant seems to have suffered for over a week now already.

Media have been tracking Foxconn since the ransomware attack occurred. Cybersecurity organizations have confirmed that DoppelPaymer is acting behind all this event.

This security breach at Foxconn’s NA facility has leaked data, which includes generic business documents. However, the report says that the financial data and employee’s personal information are safe.

The NA facility opened in 2005 and covered an area of over 682K sq ft. It accesses a vast area of both North and South America to supply its products.

DoppelPaymer reveals the data; in return, demands ransom

Foxconn had kept this as a secret before DoppelPaymer came out and asked for a hefty ransom of 1804.0955 BTC. This equals to almost 34 million USD in BTC price as of December 09, 2020.

Thus far, the leaked information does not contain anything that can be agonizing. However, the attacker can reveal other financial information if their demands aren’t fulfilled.

DoppelPaymer claims that they have access to almost 1,200 servers and over 100 GB of unencrypted files from Foxconn CTBG MX. They have reportedly demolished data up to 30 TB that was misc backups.

The attackers had given three days to the company prior to the first data leak going public. Foxconn has 21 days in total before DoppelPaymer vanishes all the data that will be non-recoverable.

The company has confirmed the attack, and they are steadily bringing their systems back into operation. Foxconn highlighted that it would take a bit of time to get the entire system back. The investigation is underway, and the service is coming back in phases.

Foxconn is yet to clarify whether they will be paying such a massive amount in ransom. However, they are working with security experts in taking legal action against the attackers.

DoppelPaymer recently launched another massive attack on Chinese electronics maker Compal. They have demanded a towering 1,000 BTC from the company. This attacking gang’s target is clear. They want big bucks and that too in BTC.

Share this article

About the Author

Tiziana Piatos

Tiziana Piatos

Tiziana is a writer with four years of experience in news and blog writing who always has been digital privacy-conscious. That' why she has joined PrivacySavvy - to make others privacy-oriented, too. In her spare time, Tiziana enjoys testing privacy and security gadgets and tools for fun. She also likes hitting the local food spots in her hometown. Read More


No comments.