Foxconn, the smartphone giant, has confirmed that a blackmail attack in late May disrupted the operation of a manufacturing plant in Mexico "It is confirmed that a factory in Mexico suffered a network attack of extortion software in late May," Foxconn spokesman Jimmy Huang told techcrunch. "The company's network security team has been implementing the corresponding recovery plan."
The affected production plant is Foxconn Baja California company, located in Tijuana city on the border with California, specializing in the production of medical equipment, consumer electronics and industrial operations. The company told techcrunch that although the operation of the factory was interrupted due to blackmail software attacks, the factory is gradually returning to normal.
"Disruptions to business operations will be handled through capacity adjustment," Huang added. "It is estimated that this cyber security attack will have little impact on the overall operation of the group. Relevant information about this incident will also be provided to our management, customers and suppliers in an instant."
Foxconn declined to disclose whether any data was accessed due to the attack, nor did it provide any information about the person responsible. However, lockbit, a well-known ransomware as a service (RAAS) operator, has claimed responsibility for the May 31 attack and threatened to disclose the data stolen from Foxconn unless a ransom was paid before June 11. Lockbit's request is still unknown, and Foxconn declined to comment on whether it would pay the ransom request.
Mandiant, a network security company, said in an analysis report on Thursday that evil Corp, headquartered in Russia, is a notorious hacker organization, which was sanctioned by the office of foreign assets control of the US Treasury in december2019. The organization has been using lockbit to try to infiltrate other branches. It is still unclear whether the Foxconn attack is related to the sanctioned hacker organization, which developed and distributed dridex malware.
This is not the first time Foxconn has been attacked by ransomware. In december2020, the company said that some of its systems in the United States were attacked by doppelpaymer extortion software operators, who were required to pay $34million worth of bitcoin.