AMD targeted by RansomHouse, claim to have ‘450Gb’ in stolen data

If claims hold true, AMD has been targeted by the extortion group RansomHouse, which says it is sitting on a trove of data stolen from the processor designer following an alleged security breach earlier this year.

The data was stolen from AMD in January, according to the group.

Cybersecurity bod Catalin Cimpanu on Twitter noted RansomHouse’s claim of not deploying ransomware and wrote that “This might be a failed attack where someone is trying to monetize some stolen data. looks like someone who buys hacked data to extort companies instead.”.

Cimpanu also suggested that the data “Could be from an AMD partner, but RansomHouse might be trying to pass it as AMD’s for more catchy media coverage. These groups often use this tactic to add pressure on a victim’s upstream contractors. See REvil’s Quanta incident, where they claimed it was Apple.”

“The researchers wrote that RansomHouse enters networks by exploiting vulnerabilities to steal data and coerces victims to pay up, lest their data is sold to the highest bidder. And if no criminal is interested in buying the data, the group leaks it on their leak site.”

“While experts believe that RansomHouse is not going to become a very successful gang in the near future, the launch of a new data exfiltration portal should be taken seriously,” the Cyware researchers wrote.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:
GET STARTED TODAY

Tell us About your Needs
Get an Answer the Same Business Day

Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.

What happens next:

  • We reach out to learn about your objectives
  • We work together to define your project’s scope
  • You get an all-inclusive, no engagement proposal
PCI-DSS
This field is for validation purposes and should be left unchanged.

BOOK A MEETING

Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

2024 EDITION

PENETRATION TESTING Buyer's Guide

Everything You Need to Know

Gain confidence in your future cybersecurity assessments by learning to effectively plan, scope and execute projects.
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.