Gigabyte Allegedly Hit by AvosLocker Ransomware

If AvosLocker stole Gigabyte’s master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds.

The AvosLocker ransomware gang is claiming that it breached tech giant Gigabyte, adding that it has leaked a sample of what it claims are files stolen from the Taiwanese company’s network. It’s offering to sell the rest.

On Wednesday, the gang posted a “press release” announcing that it had purportedly gutted the motherboard/server maker, though it didn’t say when or how. The leaked files, seen by PrivacySharks and by Threatpost, appear to contain confidential details regarding deals with third-party companies and identifiable information about employees.

PrivacySharks has reached out to AvosLocker for more information about the breach. Threatpost has reached out to Gigabyte but hasn’t heard back yet.

Below is a screen capture of AvosLocker’s announcement, which refers to a nondisclosure agreement (NDA) between Gigabyte and Barracuda Networks. The NDA, which Threatpost has viewed, is dated June 2007 and signed on behalf of Barracuda by “Drako” – which, if authentic, presumably refers to Barracuda co-founder Dean Drako.

“Gigabyte INC suffered a breach, and this is a sample of the files

Read More: