A comparatively new ransomware operation named ‘Sarcoma’ has claimed accountability for an assault in opposition to the Unimicron printed circuit boards (PCB) maker in Taiwan.
The cybercriminals have revealed samples of recordsdata allegedly stolen from the corporate’s methods through the assault and threaten to leak every part subsequent week if a ransom shouldn’t be paid.
In a brand new itemizing added to Sarcoma’s leak web site yesterday, the risk actors declare to be holding 377 GB of SQL recordsdata and paperwork exfiltrated from the Taiwanese firm.
Supply: BleepingComputer
Unimicron is a public firm manufacturing inflexible and versatile PCBs, high-density interconnection (HDI) boards, and built-in circuit (IC) carriers.
The corporate is among the largest PCB producers on the planet, with crops and repair facilities in Taiwan, China, Germany, and Japan. Its merchandise are extensively utilized in LDC displays, computer systems, peripherals, and smartphones.
Unimicron disclosed in a bulletin revealed within the Taiwan Inventory Alternate (TWSE) portal that on February 1 it suffered disruption from a ransomware assault.
In accordance with the assertion, the incident occurred on January 30 and impacted Unimicron Expertise (Shenzhen) Corp., its China-based subsidiary.
The agency stated the influence of the assault is proscribed, and knowledgeable it has engaged an exterior cyber forensic group to conduct incident evaluation and assist with implementing protection measures.
Unimicron didn’t verify an information breach, although. In the meantime, the samples Sarcoma leaked on its extortion portal seem genuine.
BleepingComputer has reached out to Unimicron to ask for an up to date assertion addressing Sarcoma’s allegations, however a remark wasn’t instantly out there.
Fast rise to high-volume operations
Sarcoma launched its first assaults on October 2024, and rapidly grew to one of the lively and prolific ransomware gangs on the identical month, claiming 36 victims.
In November 2024, cybersecurity specialists at CYFIRMA warned: “Sarcoma ransomware is quickly changing into a big risk because of its aggressive techniques and rising sufferer rely.”
In December 2024, operational expertise cyber risk intelligence firm Dragos listed Sarcoma among the many most necessary rising threats for industrial organizations worldwide.
A report by RedPiranha shares extra particulars about Sarcoma, explaining that its operators make use of phishing emails and n-day vulnerabilities exploitation to achieve preliminary entry, whereas they’ve additionally carried out provide chain assaults to pivot from service distributors to their purchasers.
Publish-compromise, Sarcoma engages in RDP exploitation, lateral motion, and knowledge exfiltration.
Nonetheless, the instruments the risk group makes use of haven’t been analyzed but, so though the risk group’s operation signifies expertise within the area, its actual origin and techniques haven’t been deciphered but.