Foxconn hit with DoppelPaymer ransomware attack, $34M ransom demand


Foxconn, the Taiwan-based electronics giant, suffered a ransomware attack in its Mexican facility on November 29 during the Thanksgiving weekend. The facility is primarily used for electronics assembly and shipping.  In the strategic DoppelPaymer ransomware attack, the hackers grabbed unencrypted files before encrypting the devices.

Foxconn is the largest international company manufacturing electronics. In 2019, its revenue was $172 billion. The company has over 800,000 employees all over the globe. Foxconn’s subsidiaries include FIH Mobile, Sharp Corporation, Belkin, and Innolux.

DoppelPaymer Ransomware was used

Data exfiltration is used in DoppelPaymer ransomware attacks. The attacks can have specific targets. These ransomware attacks are often strategic.

The ransomware gang confirmed they attacked a specific Foxconn facility but did not attack the whole company.  The cybercriminals claimed to have encrypted 1,200 servers, taken 100 GB of unencrypted files, and destroyed or deleted 20-30 TB of the Foxconn backup system. They demanded more than $34 million ransom in Bitcoin from Foxconn.