Gigabyte has allegedly been struck by a ransomware attack, the second time the company has been targeted in three months. The previous attack, occurred in August with 112 gigabytes of sensitive data stolen. That attack was attributed to the RansomEXX gang.
AvosLocker is claiming to have successfully attacked the company. AvosLocker searching for affiliates earlier this year, a report detailed that the gang planning to auction the data of victims who have refused to pay the ransom demanded.
The AvosLocker gang has published some stolen data as proof that they did indeed successfully target Gigabyte. The data includes passwords and usernames, employee payroll details, human resources documents and credit card details. Documents related to tieup with Barracuda Networks Inc., Blizzard Entertainment Inc., Black Magic, Intel Corp., Kingston Technology Corp., Amazon.com Inc. and Best Buy Co. Screenshots were also provided of a file tree showing various other documents stolen.
Also Read : RansomEXX Raids Gigabyte
The AvosLocker double extortion model includes sale of data for those who don’t pay, rather than just free release,“To facilitate sales, AvosLocker must steal data that’s worth buying. The file tree (directory listing) teased by AvosLocker certainly appears to be the kind of data that would be valuable to a multitude of cybercriminals.”
The selective leaking of information is a method to further entice victims into paying the ransom, What will be interesting to see is how this method of auctioning data will change the math, but in the end, crime on the internet still pays.