AMD has said it is investigating a possible cyberattack, as the RansomHouse hack group recently claimed to have stolen more than 450GB of data from the manufacturer last year.
Let me remind you that we also wrote that New Hertzbleed Side-Channel Attack Affects Intel and AMD Processors.Bleeping Computer writes that RansomHouse is a ransomware group that hacks into corporate networks, steals data, and then demands a ransom from the victim company, otherwise threatening to sell the information to other attackers or publish it in the public domain.
Although RansomHouse was previously associated with the WhiteRabbit ransomware, hackers do not encrypt the devices of victims now, and no ransomware was used during the attack on AMD either.
Earlier this week, RansomHouse posted on its website that AMD was hacked, claiming to have stolen 450GB of data from the company.
The hackers told BleepingComputer journalists that their “partners” hacked the AMD network, and this happened about a year ago. Although the group’s website says that the data was stolen on January 5, 2022, the attackers explain that this is actually the date they lost access to the AMD network.
At the same time, a representative of the group said that RansomHouse did not turn to AMD with a ransom demand, since the sale of stolen data to other organizations and attackers turned out to be a more interesting prospect. The hackers claim that among the stolen data was research and financial information. According to them, they are still analyzing the stolen to determine the value of the stolen.
Journalists note that the group has not provided any evidence of their statements, except for several files containing information allegedly obtained from AMD’s Windows domain. This data includes a CSV file containing a list of over 70,000 devices that can apparently be found on the AMD internal network, as well as a list of supposed corporate credentials with weak passwords such as “password”, “P@ssw0rd”, “amd!23” “Welcome1”.
AMD representatives told Bleeping Computer that they are aware of the hacker claims and the company is already investigating the incident and a possible hack.
