Thursday, September 29, 2022
No menu items!

AMD loses 450 Gigabytes of Company Data To Hackers

Must Read

AMD is one of the latest computer tech giants to be targeted by hackers. According to BleepingComputer, data worth 450 megabytes was stolen from the computer chip giant in January this year. So is this true, how did it happen, and what does it mean for AMD’s customers? All of this and many more we will be looking at in today’s post so make sure you stick around.

According to BleepingComputer, AMD was hacked by a notorious group in January 2022. The attack was coordinated by a staff of AMD who had links to the hackers. The hackers claimed to have made away 450 gigabytes of data from the company’s data storage.

RasnomHouse, a group notorious for breaching companies, stealing their data and selling it to others claimed to have access to information stolen from AMD. The group did not claim to be behind the hacking. However, they confirmed that they were in possession of the sensitive information.

RansomHouse first started making the claims on Telegram, teasing their followers with the sale of data belonging to a popular three-letter company.

RansomHouse shared a file with Bleepingcomputer. A file that supposedly contains information on seventy thousand devices, and the company’s internal login data. Whether the information contained in the file is legitimate or not remains a mystery as BleepingComputer didn’t confirm whether the data is real or not.

RansomHouse is popular for getting companies to pay a ransom to prevent the leakage of their stolen data so it would be no surprise if RansomHouse asked the same thing from AMD.

Ironically, RansomHouse claims it has no intentions of getting the company to pay a ransom for its information. In fact, the group says it’s working on plans to sell the stolen information to other threat actors.

So how would something like this happen in the first place? Well, according to RansomHouse, AMD’s security architecture was pretty weak.

In fact, the group claimed that no ransomware was used in the infamous hacking. Rather, the breach was down to the simple passwords AMD used to protect its networks.

If this was true, of course, it will be a major embarrassment to one of the largest manufacturers of semiconductors in the world. It could also be a sign of danger to their customer base, especially if the story about using weak passwords is true.

As for AMD, what have they got to say? Well, one of the company’s spokesmen came out to acknowledge rumors of the hacking.

AMD is aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway,”

Unfortunately, the company did not deny or confirm that any sensitive information had been stolen. Sadly, the company’s statement doesn’t do much to inspire confidence.

So why did RansomHouse do it? Well, according to RansomHouse, they are a “professional mediators community” that spot vulnerabilities in a company’s data security. They spot it and charge the company a “bug bounty” for disclosing the security vulnerabilities. They don’t believe they are stealing or doing anything wrong. Rather they believe they are helping companies.

“We believe that the culprits are not the ones who found the vulnerability or carried out the hack, but those who did not take proper care of security. The culprits are those who did not put a lock on the door leaving it wide open inviting everyone in,”

“People are inherently curious and are eager to learn the object of their interest. Usually, corporations respond to the message that their “doors are wide open” in a negative context, with direct threats, or silence. In rare cases, one could meet gratitude and ridiculously small payments that do not cover even 5% of an enthusiast’s efforts.”

There are chances that RansomHouse isn’t behind the hack. They might just be middlemen who might have gotten the information from third-party hackers.

Since there are no indications that RansomHouse intends to blackmail AMD into paying for the information, what then could they do with the information?

Well, they could simply sell it to the highest bidder. In fact, RansomHouse said so themselves when they released the update informing people of the hack.

“It’s a shame those are real passwords used by AMD employees, but a big shame to AMD Security Department which gets significant financing according to the documents we got (our) hands on – all thanks to these passwords,”.No, we haven‘t reached out to AMD as our partners consider it to be a waste of time: it will be more worth it to sell the data rather than wait for AMD representatives to react with a lot of bureaucracy involved,”

The AMD hacking is one of the high-profile hackings that have occurred in the tech world this year. In March 2022, Nividia was hacked and had their information stolen by a group called LAPSU$.

According to the group responsible for the hacking, files worth 1terabyte were stolen. The files contained data about the company’s hardware and software. The hack occurred a day after Russia’s invasion of Ukraine. This led to speculations that the group behind the hacking was state-sponsored. Nividia did confirm the hack in a memo released by the company.

We are aware that the threat actor took employee credentials and some Nvidia proprietary information from our systems and has begun leaking it online. We have no evidence of ransomware being deployed on the Nvidia environment or that this is related to the Russia-Ukraine conflict. Nvidia is now working to analyze what information LAPSUS$ has been leaking on the internet. “We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident.”

Latest stories

Flux: cross-chain Oracle on NEAR Protocol

Flux protocol is a cross-chain oracle aggregator that supplies economically-viable information to smart contracts. Smart contracts are pieces of code...

More Articles Like This