Ransomware Attack on MIPS Technologies by Play Ransomware Group: Impact and Details

Incident Date: Jul 17, 2024

Attack Overview

Victim: MIPS Technologies
Industry: Manufacturing
Location: USA
Attacker: Play
First reported: July 17, 2024

Overview of MIPS Technologies

MIPS Technologies, a pioneer in microprocessor design, specializes in developing RISC (Reduced Instruction Set Computing) architectures, particularly focusing on the RISC-V architecture. Established over three decades ago, MIPS has a significant legacy in semiconductor technology, having shipped billions of chips across various markets, including automotive, cloud computing, and embedded systems. The company is headquartered in California, USA, and employs between 1,000 and 4,999 people. MIPS is known for its innovative RISC-V cores, which offer high performance and extensive customization capabilities.

Details of the Ransomware Attack

MIPS Technologies has fallen victim to a ransomware attack orchestrated by the Play ransomware group. The incident was publicly disclosed on Play Ransomware's Data Leak site, revealing that the tech giant's systems had been compromised. The official release of detailed information is scheduled for July 19, 2024. Preliminary reports have already surfaced, raising alarm among MIPS Technologies' partners and customers. The early disclosure has heightened concerns about the potential impact on the company's operations and data security.

About the Play Ransomware Group

The Play ransomware group, also known as PlayCrypt, has been active since June 2022 and has been responsible for numerous high-profile attacks. Initially focused on Latin America, the group has expanded its operations to North America, South America, and Europe. Play ransomware uses various methods to gain entry into a network, including exploiting RDP servers, FortiOS vulnerabilities, and Microsoft Exchange vulnerabilities. The group employs tools like Mimikatz for privilege escalation and uses custom tools to enumerate users and computers on compromised networks.

Potential Vulnerabilities and Attack Methods

MIPS Technologies, with its extensive use of advanced RISC-V architectures and multi-threading capabilities, may have been targeted due to its significant role in critical sectors like automotive and cloud computing. The Play ransomware group could have penetrated MIPS' systems through vulnerabilities in RDP servers or by exploiting known vulnerabilities in FortiOS and Microsoft Exchange. The group's use of scheduled tasks, PsExec, and Group Policy Objects (GPOs) to distribute ransomware executables within the internal network could have facilitated the attack.
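
The scheduled-task and PsExec distribution described above leaves the same service or task name on many hosts within minutes. The following detection sketch is an added example, not code from the original article or from any vendor; the event tuples are constructed sample data in a simplified, assumed format, and the thresholds are illustrative.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not from the incident), simplified to
# (timestamp, host, event_id, artifact_name).
# 7045 = new service installed (System log); 4698 = scheduled task created (Security log).
EVENTS = [
    ("2024-01-09T23:00:00", "ADM-001", 7045, "PSEXESVC"),            # lone admin use
    ("2024-01-10T02:10:05", "WS-014", 7045, "PSEXESVC"),
    ("2024-01-10T02:10:09", "WS-022", 7045, "PSEXESVC"),
    ("2024-01-10T02:10:14", "FS-003", 7045, "PSEXESVC"),
    ("2024-01-10T02:11:40", "WS-014", 4698, "\\UpdaterTask"),
    ("2024-01-10T02:11:43", "WS-022", 4698, "\\UpdaterTask"),
    ("2024-01-10T02:11:47", "FS-003", 4698, "\\UpdaterTask"),
    ("2024-01-10T09:00:00", "WS-014", 4698, "\\Vendor\\DailyScan"),  # single host
]

WATCHED = {7045: "service_install", 4698: "task_created"}

def find_fanout(events, min_hosts=3, window=timedelta(minutes=5)):
    """Alert when one service/task name appears on >= min_hosts hosts within `window`."""
    by_artifact = defaultdict(list)
    for ts, host, event_id, name in events:
        if event_id in WATCHED:
            key = (WATCHED[event_id], name.lower())
            by_artifact[key].append((datetime.fromisoformat(ts), host))
    alerts = []
    for (kind, name), hits in by_artifact.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            hosts = {h for _, h in hits[start:end + 1]}
            if len(hosts) >= min_hosts:
                alerts.append({"kind": kind, "name": name, "hosts": sorted(hosts),
                               "first_seen": hits[start][0].isoformat()})
                break  # one alert per artifact is enough for triage
    return sorted(alerts, key=lambda a: a["first_seen"])

if __name__ == "__main__":
    for alert in find_fanout(EVENTS):
        print(alert)
```

Because the grouping is by whatever name recurs across hosts rather than a fixed string, legitimate software deployment will also match, so known deployment service and task names need an allowlist before this is used for alerting.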
