MacBook maker Compal has reportedly been hit by a ransomware attack over the weekend, the hackers claiming to have encrypted files and stolen unencrypted data.
It comes just ahead of today’s event to announce the first Apple Silicon MacBooks, and at a time when Apple has reportedly placed very large orders for the next-generation MacBooks …
Bleeping Computer reports that the attackers are demanding 1,100 Bitcoin, worth close to $17 million at the current exchange rate.
Key MacBook maker Compal has denied the report, but the evidence seems pretty compelling.
BleepingComputer has confirmed that Compal suffered a DoppelPaymer ransomware attack after we obtained a ransom note used in the attack […]
DoppelPaymer is a ransomware operation known for attacking enterprise targets by gaining access to admin credentials and using them to spread throughout a Windows network. Once they gain access to a Windows domain controller, they deploy the ransomware payloads to all devices on the network.
According to the DoppelPaymer Tor payment site linked to in the ransom note, the ransomware gang is demanding 1,100 Bitcoins, or $16,725,500.00 at today’s prices, to receive a decryptor.
According to the ransom note and DoppelPaymer’s past history, the attackers likely stole unencrypted data as part of their attack. This stolen data is then used as a double-extortion strategy where the ransomware gangs threaten to release the files on data leak sites if a ransom is not paid.
Apple has reportedly placed initial orders of Apple Silicon MacBooks equivalent to almost a full fifth of total MacBook sales last year. Compal is one of Apple’s primary assemblers.
The laptop maker claimed it was just an “abnormality” in their office automation system. Lu Qingxiong said that the main reason was an abnormality in the office automation system. The company suspected of being invaded by hackers. It has urgently repaired most of it and is expected to return to normal today.
Lu Qingxiong emphasized that Compal is not being blackmailed by hackers, as is reported by the outside world, and everything is currently normal in production, UDN reported.
Whether MacBook production will actually be hit is currently unknown, but while it’s not uncommon for companies to want to keep quiet about ransomware attacks, public companies have to declare events which are likely to have a material effect on their financial performance. Since Compal has not done so, it does appear that – one way or another – it has the situation largely under control.
Check out our preview of what we’re expecting from today’s event, and we’ll of course be bringing you live coverage as it happens.
Photo: Ash Edmonds on Unsplash