RansomHub Claims 200GB Data Theft in Ransomware Attack on Clevo Co.

Incident Date: Jun 12, 2024

Attack Overview

VICTIM

Clevo Co.

INDUSTRY

Manufacturing

LOCATION

Taiwan

ATTACKER

Ransomhub

FIRST REPORTED

June 12, 2024

Request Removal

RansomHub Claims Ransomware Attack on Clevo Co.

Overview of Clevo Co.

Clevo Co., established in 1983, is a Taiwanese company specializing in the design and manufacturing of high-performance notebook computers and related hardware. Operating as an Original Design Manufacturer (ODM), Clevo focuses on engineering and production, allowing its partners to handle marketing and sales. The company is known for its customizable and high-quality laptops, particularly in the gaming, professional, and enthusiast markets. Clevo reported a revenue of TWD 24.38 billion in 2022 and employs approximately 4,820 people.

Details of the Ransomware Attack

RansomHub, a ransomware group, has claimed responsibility for a cyberattack on Clevo Co. The group announced the attack on their dark web leak site, stating they had stolen 200GB of data from Clevo's networks. RansomHub has given Clevo an eight-day countdown to negotiate and pay the ransom, threatening to publish the stolen data if their demands are not met. The group claims that all network and backups have been fully encrypted.

About RansomHub

RansomHub is a relatively new ransomware group believed to have roots in Russia. Operating as a Ransomware-as-a-Service (RaaS) group, RansomHub affiliates receive 90% of the ransom money, with the remaining 10% going to the main group. The group has targeted various countries, including the US, Brazil, Indonesia, and Vietnam, and has previously been involved in publishing stolen data from UnitedHealth Group’s Change Healthcare hack. RansomHub's ransomware strains are written in Golang, a language gaining popularity in the ransomware world.

Potential Vulnerabilities

Clevo's extensive network and reliance on high-performance computing make it an attractive target for ransomware groups like RansomHub. The company's focus on engineering and production, while beneficial for innovation, may also present vulnerabilities in cybersecurity measures. The attack highlights the importance of robust cybersecurity protocols and the need for continuous monitoring and updating of security systems to protect against sophisticated cyber threats.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.