A ransomware group is trying to extort the electronics manufacturing large Foxconn, claiming that it stole 8 terabytes of knowledge from the firm, together with schematics and undertaking details from clients together with Dell, Google, Apple, and Nvidia. Foxconn did not instantly reply to WIRED’s request for remark about the validity of the claims, however the firm did acknowledge that a few of its North American factories “suffered a cyberattack” in latest days, and that “affected factories are at the moment resuming regular manufacturing” after outages.
Foxconn is the kind of goal that is notably interesting to ransomware and information extortion actors, as a result of it is an enormous firm with divisions and subsidiaries round the world that maintain not solely its personal mental property however that of its clients. The corporate is a key manufacturing contractor for digital components or total units, together with Apple’s iPhones.
“Ransomware teams are more and more concentrating on victims that may affect the provide chain, whether or not it is bodily or software program,” says Allan Liska, a risk intelligence analyst at safety agency Recorded Future. “So it’s unsurprising that an organization like Foxconn can be focused, because it does manufacturing and holds delicate information for thus many firms round the world.”
The attackers, often called the Nitrogen group, listed Foxconn on its breach web site on Monday. Nitrogen, which emerged in 2023, is not the most high-profile or prolific ransomware actor, nevertheless it has been steadily lively with some spikes, together with at the finish of 2024. The group, which usually targets victims in North America and Western Europe, additionally has connections to the infamous ALPHV/BlackCat ransomware group.
“Whereas experiences point out that Nitrogen has been lively since 2023, our first commentary of their exercise was in 2024, concentrating on Management Panels USA,” says Ian Grey, vice chairman of intelligence at the safety firm Flashpoint. “Now we have noticed roughly 50 victims since launching, primarily concentrating on manufacturing, know-how, and retail. Manufacturing is considered one of the most-targeted sectors for ransomware generally.”
The thought of Foxconn as a first-rate goal is not simply conceptual. The corporate has confronted a variety of extortion makes an attempt, together with a December 2020 attack on a Mexican facility by which the DoppelPaymer ransomware group memorably demanded 1,804 bitcoin (price roughly $34 million at the time). The LockBit group hit one other Foxconn facility in Mexico in May 2022 and disrupted manufacturing. Most just lately, LockBit attacked a subsidiary referred to as Foxsemicon Built-in Expertise in 2024 with defacements and information breach claims.
As well as to trying to extort victims by threatening to launch information stolen in an assault, Nitrogen additionally typically deploys conventional ransomware that encrypts a goal’s methods. Researchers say that the group’s ransomware program itself was constructed off of broadly repurposed “Conti 2” code, nevertheless it has an issue. Nitrogen’s encrypting mechanism has a design flaw that makes it not possible to decrypt information as soon as it has been encrypted—even when the attackers need to launch a sufferer’s methods. It is unclear if this is a think about Foxconn’s incident response this week.
Ransomware and information extortion is an inveterate digital safety drawback, and attackers recurrently repeat targets and stoop to new lows in finishing up large-scale disruptive assaults. Simply final week, 1000’s of colleges round the US had been paralyzed amid finals and different year-end actions when the schooling tech agency Instructure shut down access to its Canvas platform following a breach perpetrated by extortion actors.
Up to date at 6:15 pm ET, Could 12, 2026, to embody remark from Flashpoint’s Ian Grey.
Disclaimer: This article is sourced from external platforms. OverBeta has not independently verified the information. Readers are advised to verify details before relying on them.
