The RansomHouse gang recently claimed an attack against AMD, an American semiconductor firm. AMD says it has begun investigating the alleged cyberattack after the threat group claimed to have stolen 450GB of company data from it in 2021.
Like other data extortion groups, RansomHouse breaks into networks, steals large amounts of sensitive data from its victims, and demands a ransom payment in exchange for not leaking or selling the stolen data online.
A few teasers were posted on the threat group’s Telegram channel, stating that it was about to leak the data of a popular three-letter firm and adding the clue that the name starts with an “A.” The claim was backed by a stronger clue when the group listed AMD on its leak website, alleging it had stolen 450GB of data from the semiconductor giant.
RansomHouse revealed that one of their associates had breached the servers of AMD last year.
Contrary to speculation that RansomHouse deploys ransomware in its campaigns, the threat group clarified that it did not use ransomware to breach the semiconductor firm and did not encrypt any of AMD’s devices.
The group added that this time it preferred to sell AMD’s stolen data to other cybercriminal groups rather than ask the semiconductor firm for a ransom, since it sees that as more profitable and valuable. For now, RansomHouse says the stolen data is being assessed to determine its value before it is put up for sale.
Aside from a few files allegedly holding information collected from the firm’s Windows domain, the RansomHouse group has not released further proof or samples of the stolen data. In a statement, AMD said that it had already been alerted to the incident and is now investigating the data extortion group’s claims.
The RansomHouse group emerged in December last year, announcing its presence by leaking the data of its first-ever target, the Saskatchewan Liquor and Gaming Authority (SLGA). Although the group has clarified that it does not deploy ransomware to encrypt its victims’ data, its ransom note shows an association with the White Rabbit ransomware group.