Taiwanese electronics leader Foxconn becomes a victim of ransomware; attackers demand $34 million

Tiziana Piatos  - Streaming Reporter
Last updated: November 2, 2023
Foxconn ransomware DoppelPaymer
  • Foxconn, the largest global electronics manufacturer, comes across a massive ransomware attack on the Mexican facilities.
  • At first, the company kept the cyberattack hidden, but the initial stolen data has now been revealed.
  • The attackers’ group named ‘DoppelPaymer’ are demanding a ransom of approximately $34 million in Bitcoins.

Foxconn is one of the largest electronics manufacturers globally. The company has contracts with tech giants like Apple, Microsoft, Sony, Amazon, Nintendo, Huawei, Nokia, Cisco, Intel, Dell, HP, and many more.

The multinational electronics deity recently went through a colossal ransomware attack at its North American Foxconn CTBG MX facility in Ciudad Juárez, Mexico. Reportedly, the attackers had stolen some unencrypted files before breaching the devices.

Foxconn CTBG MX facility manufactures mobile phones, LCD TVs, and set-up boxes.

The attack was carried out by a ransomware group named DoppelPaymer, and they have acknowledged their action.

When did this happen?

News website Bleeping Computer reported the attack was recorded on Nov. 29, 2020, and since then, the NA facility’s website is down. If you check out the website https://fii-na.com.mx/, it will return you with an HTTP Status 404 (not found). The problem continues, and the electronics giant seems to have already suffered for over a week.

The media have been tracking Foxconn since the ransomware attack occurred. Cybersecurity organizations have confirmed that DoppelPaymer is acting behind all these events.

This security breach at Foxconn’s NA facility leaked data, including generic business documents. However, the report says that the financial data and employees’ personal information are safe.

The NA facility opened in 2005 and covered an area of over 682K sq ft. It accesses a vast area of both North and South America to supply its products.

DoppelPaymer reveals the data; in return, demands ransom

Foxconn had kept this a secret before DoppelPaymer came out and asked for a hefty ransom of 1804.0955 BTC. This equals almost 34 million USD in BTC price as of December 09, 2020.

Thus far, the leaked information does not contain anything that can be agonizing. However, the attacker can reveal other financial information if their demands aren’t fulfilled.

DoppelPaymer claims that they have access to almost 1,200 servers and over 100 GB of unencrypted files from Foxconn CTBG MX. They have reportedly demolished data up to 30 TB that was misc backups.

The attackers had given the company three days before the first data leak went public. Foxconn has 21 days in total before DoppelPaymer vanishes all the data that will be non-recoverable.

The company has confirmed the attack, and they are steadily bringing their systems back into operation. Foxconn highlighted that getting the entire system back would take a bit of time. The investigation is underway, and the service is coming back in phases.

Foxconn has yet to clarify whether it will be paying such a massive ransom. However, they are working with security experts to take legal action against the attackers.

DoppelPaymer recently launched another massive attack on Chinese electronics maker Compal. They have demanded a towering 1,000 BTC from the company. This attacking gang’s target is clear. They want big bucks, and that too in BTC.

Share this article

About the Author

Tiziana Piatos

Tiziana Piatos

Streaming Reporter

Tiziana is a writer with four years of experience in news and blog writing who always has been digital privacy-conscious. That' why she has joined PrivacySavvy - to make others privacy-oriented, too. In her spare time, Tiziana enjoys testing privacy and security gadgets and tools for fun. She also likes hitting the local food spots in her hometown.

More from Tiziana Piatos


No comments.