Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
A group of ransomware is trying to take over the electronics giant Foxconnsaying that it stole 8 TB of data from the company, including schematics and project details from customers including Dell, Google, appleand Nvidia. Foxconn did not immediately respond to WIRED’s request for comment on the veracity of the claims, but the company acknowledged that some of its North American factories had “experienced a cyberattack” in recent days, and that “affected factories are resuming production” after it was over.
Foxconn is the kind of target that attracts the attention of ransomware fraudsters and data extortionists, because it is a large company with divisions and organizations around the world that not only have their intellectual property, but also its customers. Company is key contract manufacturer about electronics sections or all equipment, including Apple iPhones.
Allan Liska, an intelligence analyst at the security firm Recorded Future said: “So it is not surprising that a company like Foxconn is targeted because it produces and has the knowledge of many companies around the world.”
The attackers, known as the Nitrogen group, named Foxconn on the website they hacked on Monday. Nitrogen, which came out in 2023, is not the most advanced or prolific ransomware player, but it has been active with other spikes, including at the end of 2024. ALPHV/BlackCat ransomware group.
The idea of Foxconn as a major target is not just speculation. The company has faced several fraud attempts, including a December 2020 attack on a site in Mexico where the DoppelPaymer ransomware group demanded 1,804 Bitcoin (worth about $34 million at the time). The LockBit team hit another Foxconn facility in Mexico in May 2022 and interfere with production. Recently, LockBit attacked a company called Foxsemicon Integrated Technology in 2024 with hacking and data breach claims.
In addition to trying to extort victims by threatening to release the stolen data during the attack, Nitrogen often uses traditional ransomware that hides the target machine. The researchers say that the group’s ransomware was created with the code “Conti 2”, but it is flawed. Nitrogen’s encrypting machine has wrong design which makes it impossible to encrypt data once it is stored – even if the attackers want to take out the victim’s machine. It is unclear if this is what Foxconn responded to this week.
Ransomware and data theft are a serious digital security problem, and attackers repeat their targets with less effort when carrying out large-scale attacks. Last week, thousands of schools around the US were shut down during finals and other events at the end of the year when the education technology company. Education has closed access to its Canvas platform to follow the violations committed by the occupiers.
