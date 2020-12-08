On December 7, 2020, Foxconn files were released by a group of hackers using DoppelPaymer, an increasingly popular ransomware. On their website, they disclose annual reports, but not financial documents or employees. They are also demanding a ransom of 1,804,0955 BTC (nearly $ 35 million).

This post follows a hack that took place on November 29, 2020. Hackers restored unprotected files from Foxconn and then encrypted them before demanding the ransom. On DoppelPaymer’s site, the hackers confirmed their attack, stating that it targeted a single site, the CTBG MX in Mexico, rather than the entire Foxconn group. They claim to have encrypted 1,200 servers, stolen 100 GB of unprotected files, and deleted between 20 and 30 TB of backups.

The ransom note was reported by BleepingComputer, which revealed the case:

Since the attack, the CTBG MX site has been shut down and is displaying a 404 error.

Other DoppelPaymer victims include Compal, PEMEX (Petróleos Mexicanos), the Californian city of Torrance, the University of Newcastle, Hall County in Georgia, the Banijay Group and the French Brittany Télécom. Nevertheless, this ransom agency has a certain ethic and does not attack any structure, such as B. Hospitals excluded from their practices.

The CTBG MX location is located in Ciudad Juárez, Mexico, near the US border. It has been open since 2005 and is responsible for assembling electronic equipment for America. Bad advertisement for Mexico, which could position itself as a new manufacturer of high-tech devices. Foxconn is the world’s largest electronics company. In 2019, the company had sales of $ 172 billion and more than 800,000 employees, whose working conditions have been repeatedly denounced.