On Friday, a message appeared on Lockbit stating that the group of hackers had successfully hacked TAIWAN SEMICONDUCTOR MANUFACTURING Company (TSMC), the world’s largest chip manufacturer. The attackers have threatened to publish the company’s confidential data unless a ransom of $70 million is paid to decrypt the files. LockBit also claims to have access to 10 TSMC information.
Lockbit is one of the most active types of ransomware, developed by individuals who employ a double tactic of file encryption and threatening to disclose stolen information. Among the victims targeted by LockBit are companies like Accenture, Press Trust of India, and Bangkok Airways. The interested parties are required to make a deposit before customized attacks can be carried out with the ransom payment being divided between Lockbit developers and the attacking partners, who receive up to 3/4 of the ransom amount.
On Wednesday, one of Lockbit’s partners, known by the pseudonym Bassterlord, posted screenshots of information on Twitter that appeared to be confidential. The screenshots contained email addresses, applications, and accounting data from various systems, allegedly belonging to TSMC. Although the post was deleted later, Lockbit created a new entry on its website demanding a ransom of $70 million.
“In case of refusal to pay, points of entry, passwords, and login credentials will also be published,” the post stated.
However, a representative from TSMC stated that the company has not encountered any security incidents and that all production operations are running normally. TSMC regularly conducts vulnerability checks on its network and takes the necessary measures to protect its data.
Subsequently, the company admitted that while it was not directly hacked, the systems of one of their IT equipment suppliers, Kinmax Technology, were compromised.
“One of our IT equipment suppliers experienced a cybersecurity breach, which resulted in the leakage of information related to the initial setup and configuration of servers,” the representative explained.
“Following the TSMC incident, data exchange with this supplier was immediately halted according to security protocols. TSMC continues to work on enhancing security awareness among its partners.”
The LockBit attack may be part of a larger campaign targeting microchip manufacturers. Last year, the hacker group Revil claimed responsibility for hacking Quanta Computer, which manufactures Apple laptops. They demanded a ransom of $50 million in return for the stolen designs. However, Apple refused to pay