Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

LockBit confirms Foxsemicon ransomware attack

Ransomware gang LockBit has claimed responsibility for the hack – and has shared employee passports and financial data to prove it.

user icon David Hollingworth
Mon, 22 Jan 2024
LockBit confirms Foxsemicon ransomware attack
expand image

After a hacker defaced the company’s website last week as a calling card, the LockBit 3.0 ransomware group has now posted details of the Foxsemicon hack on its darknet leak site.

The gang has shared five documents as proof of hack. The files include credit card details, a Wells Fargo account balance, Foxsemicon account details, and two employee passport scans, including one for a US-based project manager.

“Five terabytes of confidential information was stolen, if the company wants us to delete this information you need to pay,” a LockBit spokesperson wrote on the leak post.

============
============

The post was made on 19 January, and the deadline is 26 January.

Foxsemicon had its main website defaced last week, with a ransom note threatening to “completely destroy Foxsemicon”. Most groups simply leave a .txt note in the impacted file directory, but it looks like this particular LockBit affiliate prefers a more aggressive approach to negotiation.

“If you are a Foxsemicon customer, we have all your personal data,” Foxsemicon’s website said for a brief time last week. “All your personal data will be freely available on the Internet if Foxsemicon not pays [sic] money.”

“If your management does not contact us, you will lose your job, as we are able to completely destroy Foxsemicon with no possibility of recovery.”

LockBit is a ransomware-as-a-service operation – based in the Netherlands, according to its own site – hiring out its software and infrastructure to anyone who can afford it.

“We always have an unlimited amount of affiliates, enough space for all professionals,” LockBit said on its affiliate page. “It does not matter what country you live in, what types of language you speak, what age you are, what religion you believe in, anyone on the planet can work with us at any time of the year.”

Cyber Daily has reached out to Foxsemicon for comment.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.