AMD hack: 450Gb of data allegedly stolen by criminal group RansomHouse

Joel Loynds
AMD hacked

AMD is the latest victim of a hack, with a newer cyber criminal group, RansomHouse, claiming they’ve managed to secure 450Gb in stolen data on their website.

RansomHouse, a hacking collective that aims to steal and resell data of major companies on the black market, has posted to their deepweb website an apparent 450Gb set of files allegedly containing sensitive information from the PC part manufacturer, AMD.

It’s also unknown if the amount of data is actually 450 gigabytes or gigabits. If it is in gigabits, that’s only around 60GB of data stolen from the company.

Cybersecurity professionals are currently analysing the situation, as well as providing detailed breakdowns of the files being provided in a ‘sample’ by RansomHouse. Catalin Cimpanu, an ex-cybersecurity reporter has taken a look at the website, which currently claims that RansomHouse did not actually implement any ransomware, nor actually do the hacking themselves. He also mentions that while the private data could contain information pertaining to AMD, it could be sourced from an AMD partner rather than the manufacturer themselves.

Read more: The next-gen Intel i9 13900K has allegedly been sold on the black market

Dedicated cybersecurity website Restore Privacy has gone into the sample files and analysed what the full haul could contain. So far, it appears to be weak passwords that have caused RansomHouse to gain access to AMD’s information.

The data was originally leaked on January 5 2022, however, doesn’t appear to have been posted until recently by the hackers. Other files include system information, but nothing of note in regards to products – this would presumably be behind the paywall.

However, the striking thing here is that AMD has not come forward about any potential hacks or ransomware attacks since this occurred earlier in the year, leading to speculation that the data doesn’t hold anything of particular interest to the public. AMD have yet to make any statement in regards to the leak.

RansomHouse began to appear on the hacker circuit around 2021, with their first target being Saskatchewan Liquor and Gaming Authority, followed by ShopRite, a massive African retail store. While their name says otherwise, the group claims to not utilise ransomware on their victims. This is in stark contrast to the rising amount of incidents currently occurring around the world.

Read more: Intel’s first desktop GPU looks like a total letdown

Ransomware, for those not fully aware, is the act of encrypting files on a PC after gaining access to it (either physically or most likely, through the network remotely) and then, like a ransom letter, demanding payment in cryptocurrency to release the files back to the user. If not, the files will then be leaked.

RansomHouse however, appears to be lifting the files wholesale from elsewhere and then charging for them after the fact in an attempt to extort the company once they’ve made it clear they have data available for purchase on the deep web.

Nvidia was hit by a major cyberattack earlier this year, with parts of the business ‘compromised’ and in an interview with The Telegraph, Dr Alan Woodward said that the primary concern there was the chance that ‘somebody may have put something in one of the software updates.’