Red Hot Cyber
Cybersecurity is about sharing.
Recognize the risk, combat it, share your experiences,
and encourage others to do better than you.
Pietro Melillo : 26 July 2024 16:20
On July 26, 2024, the ransomware group Ransomexx publicly claimed responsibility for an attack against Liteon, a giant in the electronic components sector. This attack is further evidence of the growing threat that cybercriminals pose to large companies. Below, we examine the details of the attack, its consequences, and the measures that companies can take to defend themselves against similar threats.
Liteon Technology Corporation, based in Taiwan, is a world leader in the production of a wide range of electronic components. Founded in 1975, Liteon specializes in the development and manufacturing of optoelectronic devices, storage devices, and other electronic components. Among its main products are LED lighting solutions, semiconductors, automotive electronics, and healthcare devices. Liteon is renowned for its innovation and commitment to sustainability, providing high-quality technological solutions to global customers.
Ransomexx, initially known as Defray777, changed its name to Ransomexx to reflect its evolution and adoption of increasingly sophisticated techniques. The group is known for its methodical and targeted approach, using various intrusion techniques, including phishing, exploiting software vulnerabilities, and brute force attacks to gain access to victims’ systems.
Iscriviti GRATIS ai WorkShop Hands-On della RHC Conference 2025 (Giovedì 8 maggio 2025)
Il giorno giovedì 8 maggio 2025 presso il teatro Italia di Roma (a due passi dalla stazione termini e dalla metro B di Piazza Bologna), si terranno i workshop "hands-on", creati per far avvicinare i ragazzi (o persone di qualsiasi età) alla sicurezza informatica e alla tecnologia. Questo anno i workshop saranno:
Supporta RHC attraverso:
Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo.
The attack on Liteon occurred on July 26, 2024, when Ransomexx claimed responsibility for infiltrating the company’s systems and subsequently encrypting critical data.
On their website, Ransomexx published details regarding the attack, including the size of the stolen data, amounting to 142GB. Furthermore, the group threatened to release sensitive information unless Liteon paid a ransom.
At this time, we cannot precisely confirm the validity of the breach, as the organization has not yet released any official statement on its website regarding the incident. However, if confirmed, the data leak could include sensitive customer information, internal details about ongoing projects, and other critical data.
The attack has had several consequences for Liteon, including the disruption of business operations, delays in production and delivery of products, and potential damage to the company’s reputation. Liteon is currently working with authorities and cybersecurity experts to contain the damage and prevent future attacks.
The attack on Liteon underscores the crucial importance of cybersecurity for companies of all sizes and sectors. It is essential for companies to adopt proactive measures to protect their systems, such as implementing advanced security software, training employees to recognize threats, and creating incident response plans. Collaboration with authorities and sharing information about attacks can help prevent future incidents.
The ransomware attack by Ransomexx against Liteon is a clear warning of the vulnerability of modern companies to cyberattacks. This event highlights the need to strengthen cyber defenses and be prepared to respond to such threats. Only through an integrated and collaborative approach to cybersecurity can companies protect their data and maintain the trust of their customers.
As is our custom, we always leave room for a statement from the company should they wish to provide updates on the matter. We will be happy to publish such information in a specific article, highlighting the issue.
RHC will monitor the development of the incident to publish further news on the blog if there are substantial updates. Should anyone with knowledge of the facts wish to provide information anonymously, they can use the encrypted email for whistleblowers.
Pietro Melillo