Ryan Epps, Tech Times

Following an announcement made by a new cybercrime group known as RansomHouse, AMD is investigating the potential of a breach in its internal systems. The organization, which specifies itself as a "professional mediators community" as opposed to a ransomware group, claims to have over 450GB in data from AMD in early Jan. RansomHouse specifies it targets companies with limited security parameters and that acts more as a middle man for secure payments of retrieving stolen data. 

In response to Tom's Hardware, the US chipmaker wrote, "AMD is aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway."

According to Restore Privacy, which first debuted the news of AMD's breach, RansomHouse first rose into prominence in December 2021. Its darknet-based website, which is only accessible by using secure browsers like Onion, lists several victims on its homepage. The group gained notoriety following its breach and leak of data from Africa's supermarket chain ShopRite a few weeks prior. 

RansomHouse relays on its site that AMD's breach was made easy due to "simple passwords." The 450GB of data in RansomHouse's possession includes "network files, system information, as well as AMD passwords," according to Catalin Cimpanu of Restore Privacy. Despite the data, the attack itself remains unverified, as the data could be disingenuous or have belonged to an AMD subcontractor. 

Related Article: Nvidia vs. AMD: Next-Gen GPU are Coming, But Who Will Reign Supreme?

"An era of high-end technology, progress and top security...there's so much in these words for the crowds. But it seems those are still just beautiful words when even technology giants like AMD use simple passwords to protect their networks from intrusion. It is a shame those are real passwords used by AmD employees, but a bigger shame to AMD Security Department which gets significant financing according to the documents we got our hands on - all thanks to these passwords," reads a post on the RansomHouse data leak website. 

RansomHouse includes a contact support team for victims to get "further instructions" on limiting data. It's unclear if AMD has reached out to RansomHouse to offer compensation for the stolen data, but the cybercriminal group does list AMD on its website under the list of several other companies that "have either considered their financial gain to be above the interests of their partners/individuals who have entrusted their data to them or have chosen to conceal the fact they have been compromised." 

Alongside AMD and ShopRite, RansomHouse claims to have breached seven total companies, including Saskatchewan Liquor and Gaming Authority (SLGA) as its first victim. It's important to note that RansomHouse lists the downloaded data breached from AMD as "Gb" (gigabits) as opposed to GB (gigabyte), making the aforementioned 450 Gbs of data totaling around 56.26 Gb if the naming wasn't listed in error. AMD passwords listed within the leak include simple keys, such as "123456," "password," and even "Welcome1" as entries.  

Read Also: AMD Ryzen 7000 CPUs Leaked To Be Released in September

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags: AMD AMD chips Cybersecurity Ransomware Ransomware Attack
Join the Discussion