Since the Taiwanese company decided not to pay the ransom, almost half of it has been published online

Jun 22, 2021 06:54 GMT  ·  By

The hackers behind Ragnar Locker managed to steal more than 1.5TB from ADATA and published more than 700GB of it online. The data was uploaded in the form of 13 password-protected archives, says Security Affairs

The cybercriminal gang says the 1.5TB stolen data contains sensitive information such as confidentiality agreements, financial documents, contracts, and other files. The chipmaker refused to pay the ransom demanded by hackers. Therefore, Ragnar Locker decided to make the data public. To prove possession, they of posted a few screenshots.

Stolen Data Screenshot 1

This is the second batch of archives allegedly stolen from ADATA that were published online. Initially, Ragnar Locker posted the archive on the MEGA storage platform, but the company closed the organization's account and banned access to the group's shared files. Four small archives in 7-Zip format were posted on the leak site earlier this month. The hackers tried to pressure victims into paying a ransom.

Stolen Data Screenshot 2

More technical information on the ransomware is included in the study, as well as recommendations for mitigation

In the context of raising awareness in the private sector of the increase in Ragnar Locker Ransomware activity following a confirmed cyberattack in April 2020, the FBI issued a flash warning (MU-000140- MW) in November of that year. Some of the highlights include:

  • Recommendations for Mitigation  
  • Offline backups of critical data 
  • Ensure that vital data is duplicated in the cloud or on an external hard drive or storage device that does not have access to the network
  • Secure your backups and make sure that data cannot be modified on the system where it is stored
  • Install and keep anti-virus or anti-malware software up to date on all hosts
  • Use only secured networks and avoid public Wi-Fi networks 
  • Consider setting up VPN
  • Use multi-factor authentication in combination with secure passwords
  • Maintain systems, devices and apps patched and up-to-date systems

Photo Gallery (3 Images)

ADATA hit by Ragnar Locker Ransomware
Stolen Data Screenshot 1Stolen Data Screenshot 2
Open gallery