A malicious threat group claimed that it had infiltrated the systems of a well-known factory in Mexico called Foxconn. The cybercriminal group, which seems to be a ransomware group, threatens to leak its stolen data if the company does not pay its asked ransom.
The Foxconn company is located inside the city of Tijuana, which is also near the border of California, US. This company is an expert in developing medical devices, industrial operations, and consumer electronics, and it is the livelihood of roughly 5,000 workers.
The researchers claimed that the threat group used the LockBit 2.0 ransomware when it attacked the Foxconn factory. In addition, the group may have been threatening the company to release the stolen information in the early weeks of June if Foxconn will not provide the ransom.
The odd thing about the attack is that the ransomware may or may not affect the operational technology systems of Foxconn. The concerned company is hesitant to pay the ransom since all the attacks may be hackers’ bluff.
Foxconn already had a fair share of ransomware attacks before.
This incident is not the first time ransomware has struck Foxconn. December, two years ago, the same company admitted that a cyberattack had targeted several of its systems in the US. According to a news report, the DoppelPaymer ransomware group hit the company, which started leaking stolen files as soon as they finished compromising its system.
Although Foxconn initially stated that the attack had only affected the systems inside their branch in the US, the threat group also claimed to have infiltrated their Mexican branch. Reports said that the DoppelPaymer group asked for approximately $34 million worth of Bitcoin.
In a related report, another LockBit hacker claimed to have stolen numerous data from Bridgestone’s well-known tire and rubber company in America. The recent activities of LockBit prompted the FBI to publish indicators of compromise for the malicious entity.
The law enforcement agency also reported that the LockBit ransomware operators commonly intrude on enterprise networks by buying access or exploiting unpatched vulnerabilities.